THIS IS RELATED TO VIDEOGAMES AND THE SECURITY OF THE ANONS

>>368564603
Man I don't even know my own humblebundle, indiegala or discord passwords

>>368564693
now is the time to change friend.

Last time ignored it, someone claimed my unused humble bundle keys.

i got them back, but still.

ALSO EVERYONE ENABLE 2FA

>>368564603
Only one that matters is discord and even then, It's not too serious. I'll change it in a couple minutes

>>368564693
Well now you can go look them up online

>>368564881
this. back to /g/, OP

>>368564603
Oh no! My 4chan account i --

Oh. Thats right...

>>368564881
Read the post.
It's not about these sites
It's about the trouble you can come across if one of these has the same login/pw combo has something actually important, such as Steam

If you don't use OTPs you're retarded.
or you live in the west. In which case, you're retarded. Move to a country that has measures to protect privacy.

2 step authentication works fine, but if someone gets your password, shitty, underpaid indian tech support isn't gonna question them saying "I lost my phone".

>>368565089

Exactly. Some people use the same passwords. Some people reuse old passwords too

In my case, i reused a 6 year old password and with my luck, it was the one that was leaked from another website.

>>368564603
Patreon as well.

>changed all my passwords during the last big leak
>someone from china changed my wallmart.com password
>someone from china signed me up for Curse

File: 1294876952126.png (93KB, 375x300px) Image search: [Google]

93KB, 375x300px

>>368564603
>Lastpass
Except they don't use Cloudflare, faggot.

>>368565472
who is this girl i want to fap to hentai of her

>changing your password before sites fix the issue
Enjoy giving them your new password.

Steam doesn't use cloudflare, and I changed my passwords for my emails, so I should be safe.

I have like a metric buttload of passwords, and I never use the same one twice.

>>368565472
>using a password manager at all
>having to save your passwords somewhere

Literally fucking retarded.

>>368564603
how the fuck does someone get into your bank account with a password

>>368564603
Post the link to see compromised sites. Also how do I log off Discord? I use it for one specific thing because I honestly hate it but still

>>368565767
>doesn't recognize the benefits of an escrow
Enjoy your tinfoil.

>>368565679
Is no one reading OP's post?

I never use the same password on any website, that's pretty stupid, also always turn on two step verification when possible, I have both my Google and Steam accounts with mobile two step verification.

>>368564603
oh no my 4chan account

>>368564603
Has it been confirmed if HumbleBundle used the filter thingy?

>>368565767
Nigga, virtually everything needs its own account nowadays. If you go online these days, you have at least 12 different logins to memorize. Possibly more. Not to mention they're extra complicated to ensure nobody guesses them. How do you keep track of this shit?

I don't even use a password manager since keeping those passwords somewhere on my machine makes me nervous. Just interested how you people deal with this stuff.

>>368565679
Same. I have a little hidden safe box containing logins and passwords.

>>368565976

What about OP's post? Don't reply to me unless you're gonna be specific.

>nobody asks for source

>>368565976
He understands that the metric buttload can becompromised, but he does not care because the sites associated are not critical, like his email is. This is ok, people are allowed to have different threat models than you.

>>368566268
https://github.com/pirate/sites-using-cloudflare

>>368566268
It's true though

https://github.com/pirate/sites-using-cloudflare

>>368566195
"Steam doesn't use cloudflare" is literally a point OP tries to make. It doesn't matter if Steam doesn't use cloudflare, why do you think it wasn't listed?
The point is IF you use one of those sites, and it has the same account/pw as your Steam, you may be fucked.
You probably use 2FA so your Steam is fine,but it's still a concern for other shit.

You can reply to me and my son.

>>368566268
Because we aren't all lazy shits that need to be spoonfed. You can and should be able to validate this yourself. If you don't care to, then it's on you and doesn't effect anybody else.

>>368566268
Do you live under a rock or something? The Cloudflare data leak was news on every tech site yesterday.

>>368566271

Original poster here. That's pretty much the gist of what I'm talking about. I don't care if I lose my Phantasy Star Online account, as I've long since stopped playing, and I used a completely different pass and login.

>>368566421

If that was your argument, then I apologize for being rude. Not a single one of them shares my pass and login for steam.

So where can I find these password dumps?

>>368564603

>TFW Reuse my password endlessly

>TFW Except for things that have my Credit Card attached

Please just take my battle net account away from me, I need an excuse to never play again.

>>368565809
>hack email
>go to bank website
>"forgot password"
>go to paypal website
>"forgot password"

All someone needs to do is access your email for your life to be over.

They can change all your recovery settings too.

Good luck speaking with customer service for an email provider these days. Everything is fucking automated.

Heh, fools ...

>>368564603
Literally 0.00003% of requests could have been compromised IF someone knew what to look for, IF the data was sent to that particular user. The majority of requests contain no sensitive information. Very few caches were actually leaked before news got out.

You have an /extremely/ low chance to be affected by this. Of course, everyone is spreading FUD for clicks.

>>368566594
Considering Microshit Bing hasn't clear their cache yet, you can get them there. Or you could try to find them on an archive site where they haven't clear yet.

>>368566741

happened to me during the last big leak. Dont count yourself out. I had to call out of work to try and save everything i had since they got into my paypal and tried sending money to their Chinese accounts.

>>368565642
Is this true?

>>368566698
>Good luck speaking with customer service for an email provider these days. Everything is fucking automated.
Thanks for reminding me to switch off gmail

>>368566698
Your bank doesn't have 2 step authentication?

>>368566727
>imply there is a "Cloudflare Hacker"
It was a bug found by google's project 0 day and was responsibly disclosed. There is no "Hack" involved, dumbass.

>>368566698
>not using a mobile authenticator

For someone to hack into my email they would need to physically steal my phone.

>>368564603
Man I don't fucking care. I have no valuable information on any of those.

>>368566854
>Is this true?
It's not, I was just stiring shit. This is an issue with cloudflare and they already patched it, so further disclosures shouldn't happen for this instance.

>>368566158
>Just interested how you people deal with this stuff.

On paper in an inconspicuous journal on a shelf full of regular books.

Yeah sure someone could theoretically break in and steal it if they knew what to look for, but at that point I'd be more concerned about my home being burgled than someone making off with my Steam ID.

>>368564603

NOOO NOT MY TRIPCODES

Should I even care about Humble Bundle if I use 2 step verification? It's not like whoever gets my HB password will be able to enter the account if he doesn't have the authentication code sent to my email.

>>368567135
oh dear

>>368566912
*Hacks you into this pear

>>368566992

my email provider at the time did not have 2FA until a week after it happened.

My email account was made in 1998 and never received spam or was ever compromised until then.

muh AOL

>AOL
It was my own fault my shit was hacked for reusing an old password. Other than that, ive never had any problems with it, and i never have trouble receiving emails.

now all i get are fake "your steam account has been banned!!!" emails because they think theyll fool me into clicking that shit.

I love sucking cocks

>>368567101
>>368566158
At the end of the day, you can't really get rid of the threat of forgetting the passwords or them being compromised. You can only transfer the risk to something acceptable depending on YOUR situation. There is no one size fits all solution, so password managers, physical storage or any of the other options my work for someone else if not you as long as you know what your risk are.

>>368566741
THIS

fuck OP for spreading panic
this is nothing to worry about

Is there a quick way to test whether a domain not on the Github list is using Cloudflare or some other reverse proxy?

>>368564603
Are there really people who seriously use the same password to everything?

>>368566992
my bank considers rooted phones unsafe so can't use it. there's work arounds for that but i'll stick with the old school paper authenticator as long as it's available. probably actually safer than mobile authenticators.

>>368567392

Still, never hurts to be prepared.

>always forget passwords
>end up having to send reset link to email

>>368566992
>physically steal your phone

there was a thing where big youtubers were getting hacked and they used a different tactic

i think the hackers posed as the youtuber and got the service provider to send them a new sim card or something?

>okcupid compromised
NOOOOOOOOOOOOOO

>>368568498
faggots BTFO

how do i change my 4chan password? :3

>>368569205

Delete system 34. That'll bring you a password reset. ;D

>Paypal is safe
>Gmail is safe
>Bank is safe

It's literally nothing, why are people panicking.

>>368569274
You're not fooling me!

>>368564603

>Log into email.
>A bunch of chinks and mexicans tried to access my email
>They all failed

>>368569387
Stupid people put their personal information into other sites and then use the same password for everything.

>>368569387
This, I use unique passwords for anything remotely financial but I use a single password for everything else.
I literally couldn't care less if someone hacks my Discord account.

>>368564603
Thanks for the notice. I really should be changing my passwords into something more secure anyways, so I guess this is a good motivation to do just that.

>>368569604
That's fine. The problem is when you use the same password for stupid sites but also for important sites, like paypal, e-mail etc. I have 8 different passwords for my most important stuff that I change every 6 months. Then I have 2 easy as fuck passwords for dumb accounts on all other sites.

Even if someone got into my account on a store and wanted to buy something for $500, they can't buy anything since they also need my PayPal account which has a completely different password.

>>368564603

even if it is nothing it has got me off my ass to secure all my valuable passwords.

basically
>bank
>Steam

ban russians from the internet and shit will forever be safe.
make the internet great again.

>>368569604
Knowing a password isn't remotely enough to get into any decent bank account. And Literally nothing else has any major significance. Paypal is probably the most dangerous but for a variety of reasons I just don't use that anymore.

>>368570313

This. Most banks require some sort of personal ID. And unless you are retard and make it facebook tier.

IE: Fathers first name, Name of school

I use random sentences in my passwords. Like Best Friends name: Roxas.
Name of School: Hogwarts

Shit like that.

>>368570462
>

I try to incorporate pig latin into my passwords.

>>368570462
Yeah when they as me "What's the name of your first pet?" the correct answer is "You're mother"

File: thing.jpg (22KB, 375x278px) Image search: [Google]

22KB, 375x278px

>>368570462
>>368570313
Don't you guys have this small electronic thing with numbers on it that you use to login to a bank and make transactions with?

Like, when I make a transaction in the bank there's a number I type into this little electronic thing and then a new number pops up on the electronic thing and I type that into the webpage and boom, done.

100% secure. pic related

What's a good open source password manager I can use on both windows and linux to handle that?

>>368570693
Yes.
It's called my phone.

File: 7050195-A-note-pad-and-old-fashoned-fountain-pen-on-a-white-Background-Stock-Photo.jpg (100KB, 1300x1239px) Image search: [Google]

100KB, 1300x1239px

>>368570894
Pic related.

>>368570894

I just use a USB drive to store my passwords. Gotta use standard text documents too, since Windows automatically saves Word documents.

>>368570894
Keepass. It can be used on Windows, Linux, OSX, iOS, Android and probably Microsoft phones.

>>368571007
>>368571105
That's not what a password manager is for anons.
I want a tool to generate 32-characters passwords on the fly, plug them in automatically into the websites and services I tell it to, and store everything on an encrypted file I can keep on a hosting service like google drive or onedrive.
>>368571189
Thanks.

File: ESS01461_2_1.jpg (22KB, 400x400px) Image search: [Google]

22KB, 400x400px

>>368570894
>>368571007
I use one of these and a bunch of note cards. You can freely reorganize them alphabetically or however you want, can add new ones easily, and can tear up and replace them as you need.

>>368571221
>32-characters passwords
Most websites won't support such a thing. A random string of 10-12 is easy to write down and if you type it 50 or so times you'll probably get the muscle memory down well enough.

>>368570894
i just slam the keyboard and then write it down

>>368571409
Password length is just as important as character pool size.

>>368566698
>bank website
>forgot password
That's a shit tier bank and you shouldn't use it

>>368571550
Sure but 10 characters incorporating upper case, lower case and numbers will be more than strong enough against any current or foreseeable future brute force attacks. Symbols are a bonus too.
32 characters is absurd overkill and most websites won't allow it to save of database space.

>>368570693
Yeah my computer doesn't have one of those
And contactless suddenly became big so I don't even need to use my PIN at shops anymore

>>368566698
My gmail and hotmail have separate passwords and any attempt to change the setting of one asks for permission from the other.
Should be fine unless both get compromised at the same time and the attacker knows about both.

>tfw use the same password for everything
im fucking sweating right now, changing my passwords asap

>>368571550
Lots of websites I use don't support passwords longer than 12 characters.

>>368564603
LastPass and Keepass are fine. LastPass doesn't use cloudfare and keepass is all done offline.

>>368574806
das cruel mang

>>368574972
what

>>368565552
Search for the image on google :^)

goddamn am I tired of these leaks and hacks.
why can't these sites ever properly secure their shit? there really should have been some massive lawsuit with yahoo's.

>>368575418
Latecomers can't see the post to even search on Google, anon. You'll need to tell us what it was.

>>368565262
>OTPs
shipperfag fujoshi get out

>>368564603
>tfw not a PCuck
PFFFFFFFFFFFTHAHAHAHAHAHAHAHAHAHAHA!!!!!!!!!!!!!!

I began using unique passwords for everything many years ago.

Most of that shit I don't have accounts for anyway; don't use discord, don't use bundle sites, don't use 4chan.

I changed my greenmangaming password, but I haven't used them in awhile anyway. Partially because they retired the voucher system that made them cheaper than just buying off Steam and partially because they began to act sketchier, like a generic gray market keysite.

File: just..jpg (36KB, 482x427px) Image search: [Google]

36KB, 482x427px

Guys what if we use humblebundle but don't have our payment info saved? Am I safe in this case or still fucked?

>>368564603
>3dsiso.com
Holy shit again? How many times have they gotten fucked this year?

File: who is that.jpg (27KB, 1440x1080px) Image search: [Google]

27KB, 1440x1080px

>>368576071
Gee I wonder what company could be causing that.

>>368576790
Anon, they saved the passwords and emails in a txt file, they deserve to be shat upon