Notification of data breach in 2016

Discussion in 'Site Announcements' started by sothis, Jul 29, 2019.

Thread Status:
Not open for further replies.
  1. LadyPsychic

    LadyPsychic Well-Known Member

    To be honest, I never change my password. Then again, I don't buy stuff online, use credit cards, or even look up my bank account online precisely so stuff like this won't affect me. Anyways, I'm kind of concerned about the password change. You see, I haven't been able to get in my email account for the past few months (I never read my email anyways so I just left it alone). I'm worried that I might not be able to change my password if I can't get into my email (and thus, be locked out of my account). Is there anything I can do?
     
  2. sothis

    sothis Forum Moderator Anime-Planet Founder Developer

    Posted by sothis on Aug 2, 2019
    #22
    Update your email address on file to one that you can access, then change your password.
     
  3. LadyPsychic

    LadyPsychic Well-Known Member

    The problem is that I only have one email address and I don't know how to get a new one (I've had my email since I was a teen and my mother set that one up for me. I'm technologically inept.)
     
  4. Fluffs

    Fluffs Database Moderator

    Posted by Fluffs on Aug 3, 2019
    #24
    https://support.google.com/mail/answer/56256?hl=en Instructions on how to create a Gmail account
    or you can sign up here for a Microsoft account
    https://signup.live.com/?lic=1 (these would be @hotmail, @outlook)

    (any other provider would work as well, think Gmail is your best option as they have step by step instructions ^^)
     
    CaptainSlow likes this.
  5. Starra

    Starra Database Moderator

    Posted by Starra on Aug 3, 2019
    #25
    A dumbass question: I reset my password the other day (I think I've changed it since 2016, but, being a moderator, I wanted to be extra careful). Will I have to reset it again when the forced reset comes around, or am I okay since I've already changed it since this announcement?

    It's not that I mind changing it again, I just can't work it out lol.
     
    Fluffs likes this.
  6. Kari5

    Kari5 Database Moderator

    Posted by Kari5 on Aug 3, 2019
    #26
    Just go to any email system and hit 'new account'. Its just like opening an AP account, just choose 'username' and password.
    Gmail, Outlook (hotmail), Yahoo...there are options but they all basically do the same.
     
    Nicknames likes this.
  7. LadyPsychic

    LadyPsychic Well-Known Member

    Thanks for the suggestions. I think I'll see if I can get my current email to work first, but if I can't then I'll see about getting a Gmail account or something.
     
  8. joey007

    joey007 New Member

    The problem is that I only have one email address and I don't know how to get a new one (I've had my email since I was a teen and my mother set that one up for me. I'm technologically inept.)
     
  9. Grizz

    Grizz Database Moderator

    Posted by Grizz on Aug 4, 2019
    #29
    Two people have stated how to do that above.

     
  10. GlennMagusHarvey

    GlennMagusHarvey Well-Known Member

    Well, I agree but not for passwords.

    Like, all those silly blogposts and status posts and blathering on social media, all that is stuff that many people are used to being relatively "private" in the sense of being only known to friends, but are actually known to the entire world if anyone wants to dig for them, because they're on the internet and like a permanent record of a person's activity.

    But stuff like passwords explicitly should not be part of that.

    (Also, "public domain" has a specialized legal meaning that is not related to privacy but rather is related to copyright.)
     
  11. OmegaYami

    OmegaYami Active Member

    I was not pointing what should or shouldn't be, I am merely stating a fact. Unless people have been living under a rock for the past years, they know -even in a superficial and non-technical way- how personal, and often private, data are all available on Internet.
    Privacy issues and data breaches have burnt billion dollars this past year alone (tech and finance are part of my daily routine), so there is no surprise in gaining awareness of the fact that even if you think something is not available on the Internet, in truth it is.
     
  12. Demonskid

    Demonskid Well-Known Member

    I had gotten an email from I have been pwned a few weeks ago about this and changed my password then. o3o
    I hate that hackers target my favorite anime websites.

    You all do a good job keeping up with these things, thank you. OvO
     
    Nicknames likes this.
  13. chad28

    chad28 Active Member

    Posted by chad28 on Aug 6, 2019
    #33
    so the hashed password are not safe, they can be decoded, correct?
    and therefore we should change our password, right?
     
  14. GlennMagusHarvey

    GlennMagusHarvey Well-Known Member

    Ideally, a hashed password can't be decoded, but that depends on how they're encoded.

    (I don't know the technical details.)
     
  15. StarsMine

    StarsMine Database Moderator

    Generally no, they cant be decoded, but if you know the hash function you can brute force small character/character sets and past that its usually using LUTs (look up tables) from previous hacks.
     
  16. ChalamiuS

    ChalamiuS Squisher of Bugs Developer

    In general when a data breach occurs anywhere it makes sense to change your passwords on sites related to the place that was breached. And any similar passwords that you have.

    Cryptographic hashes are what's known as one-way functions, their explicit purpose is to not be possible to "decode".

    However, with enough computing power (say... a lot of graphics cards in a rack or a few p3 instances with graphics cards on AWS) you can bruteforce the hashes by performing the same operations that would be performed to check the password's validity to try to match with the hashes you are trying to break. Either by brute-forcing combinations or (more commonly) by using known password lists and mutating them.

    This is why, in general it's better to have a long and complex password as it makes guessing it harder. Which is quite relevant when hardware is capable of hundreds of thousands or billions of guesses a second (depending on what hashing method was used).

    Also, the password reset mentioned in the first post of this thread has now been pushed to accounts registered up to and including 2016.
     
  17. StarsMine

    StarsMine Database Moderator



    For a basic overview
     
  18. sothis

    sothis Forum Moderator Anime-Planet Founder Developer

    Posted by sothis on Aug 6, 2019
    #38
    Prefer if this thread could be kept to announcements or questions about the event only. Please discuss fundamentals or other general topics in the General section
     
    GlennMagusHarvey likes this.
  19. Tsubyaki

    Tsubyaki New Member

    Did not appreciate being forced to change my password AGAIN because of this.
     
  20. Grizz

    Grizz Database Moderator

    Posted by Grizz on Aug 6, 2019
    #40
    If you had already changed your password and dont wish to have to learn a new password, change it back after doing the forced change.
     
Thread Status:
Not open for further replies.

Share This Page