5 million ‘compromised’ Google accounts leaked

[booo]

not my mail id.

 

[kuduku]

not mine .

 

[Mechanic]

I'd guess those whose passes have been compromised may have used weak or dictionary passwords, used them on multiple sites (one of which was compromised too), or didn't change them for a few years at least.
Even those with weak but new passwords were spared.
There is speculation that the password dump might be actually very old, it has been leaked to the gen pop only after the hackers had their way with it.

I myself use LastPass and generate a 25 letter alphanumeric string as a password every 6 months for Gmail and other important accounts.
Thankfully I don't think mine was leaked , but there wasn't anything interesting to begin with

 

[booo]

I myself use LastPass and generate a 25 letter alphanumeric string as a password every 6 months for Gmail and other important accounts.

Wait until lastpass gets compromised.

 

[singenaadam]

@booo LastPass is frightening for that reason alone.

For those (on Windows) who are not able to open the file with Notepad, you can try WordPad.

 

[avi]

I'd guess those whose passes have been compromised may have used weak or dictionary passwords, used them on multiple sites (one of which was compromised too), or didn't change them for a few years at least.

I use a very strong (yet memorable) password and totally unique to Google.

So yes, Google is compromised.

 

[asingh]

Mine are not there. Was taking way too long to open in NotePad. Used MS-Access, and then queried it..!

 

[artikle]

Most of these are actually part of a collection of gmail based usernames and passwords collected from sites other than Google since a long period of time (like the Gawker account leaks). In fact a lot of users whose emails are on that list traced their passwords in the list back to the time of the Gawker leaks. This is mostly the result of people using same passwords everywhere and those sites getting compromised rather than Google getting compromised and/or being subject to phishing attacks. Everyone should have two step verification to expect security IMO.

 

[smnrock]

^that is the point here... If Google is compromised means... Why only 5 million account? And mine is not there in the list which I use from beta period got it by invite during TA period

 

[ssslayer]

My email ID is there but the password mentioned is completely wrong!!!

 

[avi]

Most of these are actually part of a collection of gmail based usernames and passwords collected from sites other than Google since a long period of time (like the Gawker account leaks).

I use very strong and unique password to gmail. and I don't have even have Gawker account. So I still believe Gmail was hacked.

I am surprised nobody here on TE use unique passwords, atleast for gmail.

 

[artikle]

I use very strong and unique password to gmail. and I don't have even have Gawker account. So I still believe Gmail was hacked.

I am surprised nobody here on TE use unique passwords, atleast for gmail.

Have you ever used this password anywhere? It is not only Gawker. I use unique passwords too and Im not on the list,but however unique the password, if you use it at more than one place it can get compromised. So I dont believe Gmail was hacked because most people are realizing that it is because of them using their password elsewhere.

 

[sabby]

I use unique password and my account is not in the list. Neither is my friends' which I checked.

 

[blkrb0t]

Have you ever used this password anywhere? It is not only Gawker. I use unique passwords too and Im not on the list,but however unique the password, if you use it at more than one place it can get compromised. So I dont believe Gmail was hacked because most people are realizing that it is because of them using their password elsewhere.

Unique means he only uses the password for that site. Why would he use it at more than one place?

 

[avi]

Have you ever used this password anywhere?

It's only used in Gmail, thats why I said unique.

I have not used this password anywhere. Not a chance. I have not saved this anywhere also, like in iCloud Keychain or Lastpass.

So anyone in similar situation like me? I asked my friends, but those buggers use common passwords.

 

[artikle]

It's only used in Gmail, thats why I said unique.

I have not used this password anywhere. Not a chance. I have not saved this anywhere also, like in iCloud Keychain or Lastpass.

So anyone in similar situation like me? I asked my friends, but those buggers use common passwords.

Sorry. I tend to have brain farts like that some times. Right now, I haven't come across such people except you, but some one might turn up on this thread on reddit (http://www.reddit.com/r/worldnews/comments/2fzn3a/5_million_compromised_google_accounts_leaked/)

 

[Blackend]

Wait until lastpass gets compromised.

LastPass offers two factor authentication as well. From what I recall, LastPass keeps all the username/password information with salted hashes so it can only be recovered with the correct credentials. With two factor authentication, the chance of someone getting into your account with just the credentials becomes negligible.

 

[tkin]

I'm safe, it's probably due to the fact that I had always used a very unique password for all my mail ids and my chrome sync is encrypted with a md5 hashed string.

 

[booo]

LastPass offers two factor authentication as well. From what I recall, LastPass keeps all the username/password information with salted hashes so it can only be recovered with the correct credentials. With two factor authentication, the chance of someone getting into your account with just the credentials becomes negligible.

last time I checked, iCloud was claiming to be secure too, then the fappening happened.

 

[tkin]

last time I checked, iCloud was claiming to be secure too, then the fappening happened.

Only thing that's truly safe is our mind, otherwise a pen and paper comes pretty close.