• An addendum to Rule 3 regarding fan-translated works of things such as Web Novels has been made. Please see here for details.
  • We've issued a clarification on our policy on AI-generated work.
  • Our mod selection process has completed. Please welcome our new moderators.
  • Due to issues with external spam filters, QQ is currently unable to send any mail to Microsoft E-mail addresses. This includes any account at live.com, hotmail.com or msn.com. Signing up to the forum with one of these addresses will result in your verification E-mail never arriving. For best results, please use a different E-mail provider for your QQ address.
  • For prospective new members, a word of warning: don't use common names like Dennis, Simon, or Kenny if you decide to create an account. Spammers have used them all before you and gotten those names flagged in the anti-spam databases. Your account registration will be rejected because of it.
  • Since it has happened MULTIPLE times now, I want to be very clear about this. You do not get to abandon an account and create a new one. You do not get to pass an account to someone else and create a new one. If you do so anyway, you will be banned for creating sockpuppets.
  • Due to the actions of particularly persistent spammers and trolls, we will be banning disposable email addresses from today onward.
  • The rules regarding NSFW links have been updated. See here for details.

Notification suggesting password change

BlackDragon98

BlackDragon98

Emperor in Exile
Joined
Oct 8, 2020
Messages
1,219
Likes received
10,240
I just got a notification that my password isn't unique and it suggested that I change it. I was also logged out of my account when I was logged in last night.

Has my account been compromised or something?
 
BlackDragon98 said:
Has my account been compromised or something?
Click to expand...
Click to shrink...
Not that I can see; we'd have Muted you if you'd posted anything spammy. Not sure if anything was done on the backend to flag common passwords and log out those who possess them, as there has been a lot of compromised accounts lately.
 
LurkingInTheDeceit said:
Not that I can see; we'd have Muted you if you'd posted anything spammy. Not sure if anything was done on the backend to flag common passwords and log out those who possess them, as there has been a lot of compromised accounts lately.
Click to expand...
Click to shrink...
I checked my profile and everything is fine. But the notification was quite concerning. I wish I took a screenshot of it before I clicked it because now its permanently gone. And yes I did change my password just in case.

Well, that sounds ominous.
 
BlackDragon98 said:
I just got a notification that my password isn't unique and it suggested that I change it. I was also logged out of my account when I was logged in last night.

Has my account been compromised or something?
Click to expand...
Click to shrink...
Xenforo has an add-on for password security that checks password hashes from our database against known comrpomised passwords lists such as from HaveIBeenPwned.com - this is checked on login.

No password is ever transmitted (the system outright doesn't even store plaintext passwords)
No full password hash is ever transmitted to the outside
The system sends HIBP a very incomplete password hash, HIBP sends back a list of thousands of hashes of known compromised passwords that fit, then the system

SB and SV both implement the same system (it's something Xon made)
 
You were probably surprised by this because you don't usually log out, but you were last night for some unrelated reason, and so got the notification you'd get every time you logged in with that password.
BlackDragon98 said:
Well, that sounds ominous.
Click to expand...
Click to shrink...
By 'a lot', I count 19 in the past week; not sure whether that's high or low in relative terms, but it certainly feels like a lot when you have to deal with them.

Edit: Now 20.
 
Last edited:
You must log in or register to reply here.

Users who are viewing this thread

  • Total: 3 (members: 2, guests: 1)
    Back
    Top