Have i been pwned?
-
- 5StarLounger
- Posts: 1021
- Joined: 23 Jan 2011, 01:52
- Location: Witness Protection Program.
Have i been pwned?
Hi Folks, I went to this website:-
I would now like to close the gmail account but keep the settings I have made and transfer them to a new account. Keeping my contacts is the easy part, it's the remainder I am worried about.
to find to my horror, my main gmail address has been compromised twice. The first time I found this, I changed my password and have not had any trouble so far.I would now like to close the gmail account but keep the settings I have made and transfer them to a new account. Keeping my contacts is the easy part, it's the remainder I am worried about.
You do not have the required permissions to view the files attached to this post.
Windows 11 Home 22H2
Regards,
George.
-
- Administrator
- Posts: 78464
- Joined: 16 Jan 2010, 00:14
- Status: Microsoft MVP
- Location: Wageningen, The Netherlands
Re: Have i been pwned?
Best wishes,
Hans
Hans
-
- 5StarLounger
- Posts: 1021
- Joined: 23 Jan 2011, 01:52
- Location: Witness Protection Program.
Re: Have i been pwned?
Hi Hans, once again, thanks for your speedy informative response. I don't have time today to read any of the link's data. I have realised it will be bigger than I originally thought. I have over 30 sites to open a new account on but will have to keep the old one for it's contents. Plus over 80 contacts to get my new address.
Isn't life fun.
Isn't life fun.
Windows 11 Home 22H2
Regards,
George.
-
- Administrator
- Posts: 78464
- Joined: 16 Jan 2010, 00:14
- Status: Microsoft MVP
- Location: Wageningen, The Netherlands
Re: Have i been pwned?
By the way, was your Gmail account itself hacked, or a site where you used your Gmail account to register? If the latter, that would only pose a serious problem - apart from that specific site of course - if you used the same password on that site and on other sites.
A long time ago, I joined the Malwarebytes forum to ask a question, using my Gmail address. Malwarebytes was hacked some years later, but since I use a totally different password for each site, the problem was contained. I only needed to change my password for the Malwarebytes forum. There was no need to abandon the Gmail account.
A long time ago, I joined the Malwarebytes forum to ask a question, using my Gmail address. Malwarebytes was hacked some years later, but since I use a totally different password for each site, the problem was contained. I only needed to change my password for the Malwarebytes forum. There was no need to abandon the Gmail account.
Best wishes,
Hans
Hans
-
- 5StarLounger
- Posts: 1021
- Joined: 23 Jan 2011, 01:52
- Location: Witness Protection Program.
Re: Have i been pwned?
Here is the info I was given:-
I was warned by Avast and know for certain I changed my 2 passwords (same one for both Forum & Account)
-
In Utorrent, I have not used any of its features since file sharing ended.
I am guilty of using the same Username on many sites, a different mail address occasionally but never the same password.
I was warned by Avast and know for certain I changed my 2 passwords (same one for both Forum & Account)
-
In Utorrent, I have not used any of its features since file sharing ended.
I am guilty of using the same Username on many sites, a different mail address occasionally but never the same password.
You do not have the required permissions to view the files attached to this post.
Windows 11 Home 22H2
Regards,
George.
-
- Administrator
- Posts: 78464
- Joined: 16 Jan 2010, 00:14
- Status: Microsoft MVP
- Location: Wageningen, The Netherlands
Re: Have i been pwned?
The same username is not a problem since you use different passwords.
The breaches described here are of the same type as the one I described for Malwarebytes. Your Gmail account itself is not compromised - only the usernames on those two forums.
So there is no need to abandon the Gmail account!
The breaches described here are of the same type as the one I described for Malwarebytes. Your Gmail account itself is not compromised - only the usernames on those two forums.
So there is no need to abandon the Gmail account!
Best wishes,
Hans
Hans
-
- 5StarLounger
- Posts: 1021
- Joined: 23 Jan 2011, 01:52
- Location: Witness Protection Program.
Re: Have i been pwned?
-HansV wrote: So there is no need to abandon the Gmail account!
You have just made an oldish man very happy.
You do not have the required permissions to view the files attached to this post.
Windows 11 Home 22H2
Regards,
George.
-
- 4StarLounger
- Posts: 453
- Joined: 04 Feb 2010, 03:40
Re: Have i been pwned?
Thanks! I had no idea some site I hadn't used for years got hacked. So changed everything.
When one cat leaves, another mysteriously shows up.
-
- UraniumLounger
- Posts: 9281
- Joined: 13 Feb 2010, 01:27
- Location: Deep in the Heart of Texas
Re: Have i been pwned?
If one should find that one or more of his email accounts has been 'pwned' what should he do?
Bob's yer Uncle
Dell Intel Core i5 Laptop, 3570K,1.60 GHz, 8 GB RAM, Windows 11 64-bit, LibreOffice,and other bits and bobs
(1/2)(1+√5) |
-
- Administrator
- Posts: 78464
- Joined: 16 Jan 2010, 00:14
- Status: Microsoft MVP
- Location: Wageningen, The Netherlands
Re: Have i been pwned?
That depends. The main thing is that you change the password at the hacked site and at all other places where you used the same password.
- If the email provider itself has been hacked, you should immediately change the password of your email account, and of all other places where you used the same password, regardless of the username. You don't need to abandon the email account, unless you have indications that your email messages have been tampered with; in that case it'd be best to start a new account.
- If a site was hacked where you used the email account to register, you should immediately change the password you used at that site, and at all other places where you used the same password, regardless of the username. But you don't need to change the password of the email account, unless it was the same as the one you used at the hacked site.
So the impact is minimal if you use a different password at each site.
- If the email provider itself has been hacked, you should immediately change the password of your email account, and of all other places where you used the same password, regardless of the username. You don't need to abandon the email account, unless you have indications that your email messages have been tampered with; in that case it'd be best to start a new account.
- If a site was hacked where you used the email account to register, you should immediately change the password you used at that site, and at all other places where you used the same password, regardless of the username. But you don't need to change the password of the email account, unless it was the same as the one you used at the hacked site.
So the impact is minimal if you use a different password at each site.
Best wishes,
Hans
Hans
-
- UraniumLounger
- Posts: 9281
- Joined: 13 Feb 2010, 01:27
- Location: Deep in the Heart of Texas
Re: Have i been pwned?
Thank you, Hans!
I never use the same password for more than one thing. I'll have to investigate what sites were compromised to see which ones need to be addressed.
I never use the same password for more than one thing. I'll have to investigate what sites were compromised to see which ones need to be addressed.
Bob's yer Uncle
Dell Intel Core i5 Laptop, 3570K,1.60 GHz, 8 GB RAM, Windows 11 64-bit, LibreOffice,and other bits and bobs
(1/2)(1+√5) |
-
- Administrator
- Posts: 12604
- Joined: 16 Jan 2010, 15:49
- Location: London, Europe
Re: Have i been pwned?
Also be wary if you use a theme to define passwords. Like Mon8769 Tue8769 etc. You must use completely different passwords to be safe
StuartR
-
- UraniumLounger
- Posts: 9281
- Joined: 13 Feb 2010, 01:27
- Location: Deep in the Heart of Texas
Re: Have i been pwned?
Thanks, Stuart.
I use a password generator (KeyPass) to generate long, complex passwords containing spec. char. upper and lowercase and numerics.
I use a password generator (KeyPass) to generate long, complex passwords containing spec. char. upper and lowercase and numerics.
Bob's yer Uncle
Dell Intel Core i5 Laptop, 3570K,1.60 GHz, 8 GB RAM, Windows 11 64-bit, LibreOffice,and other bits and bobs
(1/2)(1+√5) |
-
- Administrator
- Posts: 12604
- Joined: 16 Jan 2010, 15:49
- Location: London, Europe
Re: Have i been pwned?
That's what I do too, it is a good idea.BobH wrote:I use a password generator (KeyPass) to generate long, complex passwords containing spec. char. upper and lowercase and numerics.
StuartR
-
- Microsoft MVP
- Posts: 1318
- Joined: 24 May 2013, 15:33
- Location: Warminster, PA
Re: Have i been pwned?
I set up a domain watch at https://haveibeenpwned.com" onclick="window.open(this.href);return false; for the subdomain that includes my website and a handful of email addresses. It notified me that the address sales@<my domain> appeared in a breach list. The only problem with that is that the address doesn't exist. Some creative hacker must have grabbed the domain name from somewhere and assumed that all websites have a "sales@" address. Of course, spammers don't really care how many of their messages bounce, but I hope they spent a lot of money for that breach list.