#Tag · bonfire.cafe

Oh, yeah! #Plex got hacked!

They SAY passwords were hashed, but PLEASE #reset your plex #password and force a sign-out on ALL devices using their interface as follows:

When doing so, there's a checkbox to "Sign out connected devices after password change," which we recommend you enable.

Irritating...especially cos they don't say WHEN this happened!

@lisamelton @briankrebs

((Jann Gobble)) 🏳️‍🌈

@jgobble@mastodon.social · 2 weeks ago

Oh, yeah! #Plex got hacked!

They SAY passwords were hashed, but PLEASE #reset your plex #password and force a sign-out on ALL devices using their interface as follows:

When doing so, there's a checkbox to "Sign out connected devices after password change," which we recommend you enable.

Irritating...especially cos they don't say WHEN this happened!

@lisamelton @briankrebs

der.hans and 1 other boosted

Benjamin Carr, Ph.D. 👨🏻‍💻🧬

@BenjaminHCCarr@hachyderm.io · 3 weeks ago

#McDonald’s #AI Hiring #Bot Exposed Millions of Applicants’ Data to Hackers Who Tried the #Password ‘123456’
Basic #security flaws left the personal info of tens of millions of McDonald’s job-seekers vulnerable on the “McHire” site built by AI software firm https://Paradox.ai.
https://www.wired.com/story/mcdonalds-ai-hiring-chat-bot-paradoxai/
https://archive.ph/1Y8Oq
#ITSec

Benjamin Carr, Ph.D. 👨🏻‍💻🧬

@BenjaminHCCarr@hachyderm.io · 3 weeks ago

Jan Bartosik

@janbartosik@witter.cz · 2 months ago

While I appreciate the #password requirements, I admit to being at a loss atm.
So is my @bitwarden 😅

#online #security #passwords #StrongPasswords

Joel Michael boosted

Dumb Password Rules

@dumbpasswordrules@infosec.exchange · 2 months ago

This dumb password rule is from Bendigo Bank.

Exactly eight characters.

https://dumbpasswordrules.com/sites/bendigo-bank/

#password #passwords #infosec #cybersecurity #dumbpasswordrules

Dumb Password Rules

@dumbpasswordrules@infosec.exchange · 2 months ago

This dumb password rule is from Bendigo Bank.

Exactly eight characters.

https://dumbpasswordrules.com/sites/bendigo-bank/

#password #passwords #infosec #cybersecurity #dumbpasswordrules

Felix Palmen :freebsd: :c64:

@zirias@mastodon.bsd.cafe · 5 months ago

The new #password #file management tool for #swad, #swadpw, is almost done, tests finally look sane 😉

Terminal session manually testing the swadpw tool to manage password files for swad

Felix Palmen :freebsd: :c64:

@zirias@mastodon.bsd.cafe · 5 months ago

Of course, this new credentials checker in #swad needs a #tool to edit these #password files, that's currently work in progress.

I just implemented the class for reading a password, pretty simple thing from a pipe, but an "interesting" job from a #terminal. Turns out doing that portably, reliably and secure needs quite some code. 🙈

There's #getpass, but that's deprecated for good reasons (global state and not perfectly clear how it deals with #signals that could interrupt the input). And there's the sane replacement #readpassphrase in some systems (e.g. #FreeBSD), but that's not portable. 🙃

So, plain old #tcsetattr it is, with some signal handling on top:
https://github.com/Zirias/swad/commit/447f48096fc275a5bae113393ffe9a3cbc66cc95

Futuristic Robert [KJ5ELX] :donor:

@0xF21D@infosec.exchange · 6 months ago

So, Cloudflare analyzed passwords people are using to log in to sites they protect and discovered lots of re-use.

Let me put the important words in uppercase.

So, CLOUDFLARE ANALYZED PASSWORDS PEOPLE ARE USING to LOG IN to sites THEY PROTECT and DISCOVERED lots of re-use.

[Edit with H/T: https://benjojo.co.uk/u/benjojo/h/cR4dJWj3KZltPv3rqX]

https://blog.cloudflare.com/password-reuse-rampant-half-user-logins-compromised/

#cloudflare #password #cybersecurity