• The site has now migrated to Xenforo 2. If you see any issues with the forum operation, please post them in the feedback thread.
  • Due to issues with external spam filters, QQ is currently unable to send any mail to Microsoft E-mail addresses. This includes any account at live.com, hotmail.com or msn.com. Signing up to the forum with one of these addresses will result in your verification E-mail never arriving. For best results, please use a different E-mail provider for your QQ address.
  • For prospective new members, a word of warning: don't use common names like Dennis, Simon, or Kenny if you decide to create an account. Spammers have used them all before you and gotten those names flagged in the anti-spam databases. Your account registration will be rejected because of it.
  • Since it has happened MULTIPLE times now, I want to be very clear about this. You do not get to abandon an account and create a new one. You do not get to pass an account to someone else and create a new one. If you do so anyway, you will be banned for creating sockpuppets.
  • Due to the actions of particularly persistent spammers and trolls, we will be banning disposable email addresses from today onward.
  • The rules regarding NSFW links have been updated. See here for details.

I got a notice from my browser that my password here was leaked

Was the password shared with any other sites?
 
Those browser warnings don't mean the site they pop up on was compromised, they mean that the password you used and/or have saved for the site was also used on some site that was compromised. Depending on what the browser is doing this could mean your username/email and password combo showing up in a public leak, a known non-public leak on a site that the browser knows you use the same password on, someone (not necessarily you) using the same password somewhere and it ending up in a massive list of compromised passwords, or something else along those lines.

https://haveibeenpwned.com/ is at least one such resource for checking if your information is out there.

I'm pretty sure that QQ itself is fine, but you should probably change your own password if you haven't already.
 
I am not a mod or something but i checked using my own email and while it has been leaked in other cases according to haveibeenpwned there was no indication that there was a leak involving QQ.

(Also you have heard this a 100 times already but some people still don't do it so: Always make sure to use different passwords for every account)
 
(Also you have heard this a 100 times already but some people still don't do it so: Always make sure to use different passwords for every account)
Using the same password for lowsec shit and for highsec shit is stupid, but using the same password for lowsec shit and other lowsec shit is not actually especially bone-headed.
 
(Also you have heard this a 100 times already but some people still don't do it so: Always make sure to use different passwords for every account)
The real advice here is to get a decent password manager and use it. For people with dozens of accounts, individually remembering every password isn't really an option.
 
Using the same password for lowsec shit and for highsec shit is stupid, but using the same password for lowsec shit and other lowsec shit is not actually especially bone-headed.
For the record, highsec shit =

- Your root account on your own computer (this is the crown jewel; if this is compromised everything else is compromised because of saved logins and keyloggers)
- Your email, if it's a webmail (because this can be used to reset password on most of your other accounts so again a compromise here fucks a lot of other shit)
- Anything that lets you spend money (i.e. which bad guys could use to steal your money)
- Anything where you have unusual authority with which someone could do mischief (e.g. mod/admin access, or control over real-world objects; technically fic counts if you're dumb enough to post to only one site and not have a backup, but that's easily fixed)
- Anything that has secrets you want to keep (e.g. in PMs; stuff in member-only forums doesn't need your account to read so it might as well be public)
The real advice here is to get a decent password manager and use it.
I mean, yes, if you can trust the password manager and you don't mind the inconvenience. I'll note that the only real difference between a password manager and a .txt file on your desktop is slightly better security against Evil Maid/Evil Housemate.
 
I mean, yes, if you can trust the password manager and you don't mind the inconvenience. I'll note that the only real difference between a password manager and a .txt file on your desktop is slightly better security against Evil Maid/Evil Housemate.

A number of password managers now also offer to generate really long passwords for you, but other than that you're right.

To be completely honest, people panic too much about data breaches. Just keep changing your passwords and keep an eye on anything important.

I'm fairly sure I've had data stolen recently that doesn't even show up on that haveibeenpwned site, there's been a strong upsurge in spam emails. So what, just changed all my important passwords and moved on.
 

Users who are viewing this thread

Back
Top