I changed my password, but it wasn't because of reuse

Discussion in 'Miscellaneous [DB]' started by Tom Lane, Aug 7, 2021.

  1. Tom Lane

    Tom Lane Gold Supporting Member

    I checked the pwned site and it reported that I'd been hacked and so, of course, I changed my password. But my account wasn't hacked because of reusing my password; I had, and again have, a unique password on TB. Not sure what that means other than than the hackers didn't get my password from another site.
  2. Tom Lane

    Tom Lane Gold Supporting Member

    Wow, so interesting, no comments. If I'd have criticized pick guards I think I would've gotten a few pages already. I'm hoping my post can be addressed appropriately... but my hope is fading.
    james condino likes this.
  3. Sailfish


    Jan 14, 2020
    Oregon, USA
    That's concerning, if any, what antimalware service do you have on your computer, it's incredibly important to know if this is a local issue, I also checked at haveibeenpwned, and saw nothing new in database leaks etc. Best of luck, be careful!
  4. jheise


    Aug 11, 2004
    Hamburg, Germany
    Which site have you used to check and did it specifically mention your talkbass account?
  5. StyleOverShow

    StyleOverShow Still Playing After All These Years Gold Supporting Member

    May 3, 2008
    Related to, read this morning that three random words better than complex passwords.

    so Fender!Neos?Sterling.
    Tom Lane likes this.
  6. Keith Rawlings

    Keith Rawlings Gold Supporting Member

    Aug 3, 2019
    When I ran mine it had breaches that happened years ago: one with MyFitnessPal and two other random things, but they’re so old.
  7. Do you access TB via desktop/laptop (Mac or PC)?
    Or via Tablet/smartphone (Apple, Android or other)?

    Any thoughts on cause of breach?
  8. salmon256


    Jul 10, 2021
    Are you Pwn is just telling you that your password and email combation is public or on a public hacker/pastebin somewhere on the internet. It doesn't mean you have been hack (yet) my old email which had popped up on Pwn a couple of times didn't have issues till like 4 years later even though it was on Are you Pwn for all that time. Basically it means change your password incase, the internet is big but there are bots that can auto log in your details zombie your account or steal paying credentials which happens the most. Also it's good to have many emails since many of those emails on those list could be signed up for spam and sign you up for spam websites auto making accounts.

    Best advice is, scan your PC and also see what devices you use. Also use a stupidly unique password that isn't the same. Avoid clicking links from unknow users even if they seem harmless. Also if you feel so, set up 2 step on things you consider most important. There could be a key logger on your computer or device. Get Malwarebytes which can track those loggers down the best IMO.

    Best of luck, cheers, stay safe.
  9. Tom Lane

    Tom Lane Gold Supporting Member

    Yes, that's what occured to me too. The pwned site they recommended just confirms that your email is in a darkweb database of account info, not that our TB accounts have been hacked. Since I use unique passwords for every account, Pwned is just reporting that account info using my email has been compromised. But those hacks are from other site breeches.
    Keith Rawlings and salmon256 like this.
  10. Tom Lane

    Tom Lane Gold Supporting Member

    Actually, if you use Chrome, it has a feature in Settings->Safety Check where it will review their db of your hacked sites and passwords and it'll provide more info than the pwned site. Worth a look, IMO.
    salmon256 likes this.
  11. fdeck

    fdeck Supporting Member Commercial User

    Mar 20, 2004
    Madison WI
    HPF Technology LLC
    My TB password is unique, check. I also ran my e-mail address through the have-i-been-pwned website. Check.

    I recently had to change a whole bunch of passwords because my family got rid of our land line, and the internet service that came with it. It was a good chance to ditch some ill-chosen passwords and entire accounts from years ago.
    Tom Lane likes this.
  12. salmon256


    Jul 10, 2021
    Yeah, google does that now as well which is nice! My sister on her HBO max which we all share popped up, I told her to change but she said it's not a worry now. It's not a worry till you get hacked I guess to her :blackeye:.
    Tom Lane likes this.
  13. DiabolusInMusic

    DiabolusInMusic Functionless Art is Merely Tolerated Vandalism

    When the big purge happened years ago, one of the ousted members sent me stuff from the mod side of the forum and provided me with info that would otherwise be inaccessible. I don't know much about computers but I am not shocked to find out passwords have been taken. And that isn't a slight on TB, my PSN info got stolen years ago in a big hack. Sony has a tower full of I.T. people and they got hacked - if somebody wants my TB password, they'll get it. Plus, what could possibly be gained with my TB account? "oh no, my internet rep points have been tarnished" ;) :D

    Cool tip about the Chrome, btw. I had used pwned before but didn't know it was accessible through the browser.
    Tom Lane and salmon256 like this.