topbanner_forum
  *

avatar image

Welcome, Guest. Please login or register.
Did you miss your activation email?

Login with username, password and session length
  • Wednesday December 4, 2024, 6:17 pm
  • Proudly celebrating 15+ years online.
  • Donate now to become a lifetime supporting member of the site and get a non-expiring license key for all of our programs.
  • donate

Author Topic: Yahoo! accounts hacked... two years ago!  (Read 4748 times)

Deozaan

  • Charter Member
  • Joined in 2006
  • ***
  • Points: 1
  • Posts: 9,775
    • View Profile
    • Read more about this member.
    • Donate to Member
Yahoo! accounts hacked... two years ago!
« on: September 23, 2016, 01:40 PM »
Yahoo just announced yesterday about this hack that took place 2 years ago:


yapoo.jpg


Yahoo announced on Thursday that the account information of at least 500 million users was stolen by hackers two years ago, in the biggest known intrusion of one company’s computer network.

In a statement, Yahoo said user information — including names, email addresses, telephone numbers, birth dates, encrypted passwords and, in some cases, security questions — was compromised in 2014 by what it believed was a “state-sponsored actor.”


from New York Times

Deozaan

  • Charter Member
  • Joined in 2006
  • ***
  • Points: 1
  • Posts: 9,775
    • View Profile
    • Read more about this member.
    • Donate to Member
Re: Yahoo! accounts hacked... two years ago!
« Reply #1 on: September 23, 2016, 01:48 PM »
I just saw that this was mentioned in this other thread:

The Hostile Email Landscape

Deozaan

  • Charter Member
  • Joined in 2006
  • ***
  • Points: 1
  • Posts: 9,775
    • View Profile
    • Read more about this member.
    • Donate to Member
Re: Yahoo! accounts hacked... two years ago!
« Reply #2 on: September 23, 2016, 01:54 PM »
Ugh...

I just went to change my Yahoo account password and used a password generator to generate a very long password. I entered it into the "new password" and "confirm password" fields and thought it looked a lot shorter than the one I generated.

It turns out that they truncate it to 32 characters without telling you.

Why are companies so inept at allowing people to use secure passwords?

Shades

  • Member
  • Joined in 2006
  • **
  • Posts: 2,939
    • View Profile
    • Donate to Member
Re: Yahoo! accounts hacked... two years ago!
« Reply #3 on: September 24, 2016, 12:52 PM »
Their name actually says it all...they are just a bunch of yahoos.

If y! indicates that the max length of a password is 32 characters it wouldn't be such a big deal. A password of 32 characters will take quite some time to brute-force (assuming they take precautions such as hashing and salting). But I am not surprised if they don't mention this limit. For a company that has/had so much to do with communicating, they sure don't do enough of that themselves.

y! sure has fallen...