Page 1 of 2 12 LastLast
Results 1 to 10 of 18

Thread: my password has been cracked

  1. #1
    Join Date
    Nov 2006
    Location
    Mountain Home, Arkansas
    Posts
    11,697

    my password has been cracked

    I have had my password cracked on Yahoo. :soapbox: Now, instead of my on-line handle 'Rifleman1776' showing, it is "Cracked by Lickey". As near as I can tell, no other damage has been done. I immediately changed to another password. Since it is (was) the same as I used on Pay Pal, I just changed that also. I had thought my password was pretty safe for two reasons. 1) I figured (obviously incorrectly) that no one would want to bother with someone unimportant. Hey, I ain't Eric Baldwin, ya know. and 2) It was a fairly complex password, eleven characters, five letters and six digits.
    It did have one big weakness but, I reasoned, that only someone who knows me very well would have doped it out, like my son, daughter or wife and a couple other people very close to me. It was the first name of my deceased son and his date of death. And the new password is.....
    "Folks is funny critters."

    Think for yourselves and let others enjoy the privilege to do so, too. ~Voltaire

  2. #2
    Join Date
    Jan 2007
    Location
    Rio Rancho, NM
    Posts
    1,417
    Frank,

    You have no idea how sick this post makes me - if someone can crack your password that easily, I guess I'm very vulnerable too with my poor little 6-letter password. After all, I'm someone unimportant too. I hope that the "powers that be" can find out the scum who did this to you.

    Nancy
    Nancy Laird
    dandnspecialties@msn.com
    FWW Registered Voter and Voting Member
    Woodworker, turner, laser engraver; RETIRED!!


    A veteran is someone who, at one point in his life, wrote a blank check made payable to his country for an amount of 'up to and including my life.' If you love your country, thank a vet.

  3. #3
    Join Date
    Dec 2006
    Location
    Punta Gorda, Florida
    Posts
    902
    Frank, You know what is strange? You recently reported that Yahoo said that you needed to change your password and you did and now someone has hacked your password. Things seem to be adding up here.

  4. #4
    Join Date
    Oct 2006
    Location
    ABQ NM
    Posts
    29,091
    Quote Originally Posted by Allen Bookout View Post
    Frank, You know what is strange? You recently reported that Yahoo said that you needed to change your password and you did and now someone has hacked your password. Things seem to be adding up here.
    Ya beat me to it, Allen. My guess is that Frank got phished, not cracked. Either way, it sucks. You did the right thing by changing it on PayPal, Frank.
    When the going gets weird, the weird turn pro. - Hunter S. Thompson
    When the weird get going, they start their own forum. - Vaughn McMillan

    workingwoods.com

  5. #5
    Join Date
    Dec 2006
    Location
    Punta Gorda, Florida
    Posts
    902
    Quote Originally Posted by Vaughn McMillan View Post
    My guess is that Frank got phished, not cracked.
    You are right. Bad choice of words.

  6. #6
    Join Date
    Apr 2007
    Location
    No, not all of SoCal is Los Angeles!
    Posts
    8,983
    26 years in networking. Whoever thought this interest would become a career? Sounds like a clear case of phishing. I'm currently working for the California University system. A favorite around here is the little client you leave behind to capture keystrokes (library computers are a great spot). Then you come back later and collect.

    It may be because of the field I'm in but I:

    • Never enter my username or password on ANY machine except my own, even to check email.
    • Have a different password for EVERY account that I have; bank, email, FWW, Amazon, etc.
    • Change my passwords regularly; don't be scared, you'd be amazed how many passwords you can remember given the alternative.
    • Check accounts regularly that I only use now and then; keep a list of places you have accounts in a text file on your computer to help you remember. Long idle accounts are fair game for brute-force-over-time attacks.
    • Change my password the first chance I get if I ever have to give it to anyone in an emergency. They may not be bad guys but they may have jotted it down and left it behind at the internet café.
    • Never even open an email if I don't know who it is from. Everyone I know is aware that if you send me an email and expect me to open it the 'subject' had better be VERY clear. Otherwise it goes straight in the dumper.


    Remember, just because you're paranoid doesn't mean they're not out to get you ;-)

  7. #7
    Join Date
    Jan 2007
    Location
    MX
    Posts
    146
    Those are some good tips Glenn,

    These are the ones that I already have been doing, I will keep the others in mind though.

    • Have a different password for EVERY account that I have; bank, email, FWW, Amazon, etc.
    • Change my passwords regularly; don't be scared, you'd be amazed how many passwords you can remember given the alternative.
    • Change my password the first chance I get if I ever have to give it to anyone in an emergency. They may not be bad guys but they may have jotted it down and left it behind at the internet café.
    • Never even open an email if I don't know who it is from. Everyone I know is aware that if you send me an email and expect me to open it the 'subject' had better be VERY clear. Otherwise it goes straight in the dumper.
    To add to that list. If I ever forget a password and have to have it sent to me, by email or whatever, I immediately change it as soon as I get back into my account.

    You never can be too careful on these interwebs. Not everybody is a snake, but that doesn't mean that they aren't hiding in the bushes nearby.

  8. #8
    Join Date
    Feb 2007
    Location
    Inside the Beltway
    Posts
    2,666
    Gentlemen,

    We may wish to revise the phishing diagnosis. True, there's something to be said for it at first glance. But let us not forget that just a couple weeks ago Frank was complaining about how slow his machine was. There wasn't enough evidence at the time to openly suggest someone had dropped a trojan on his box, much less to think it had been turned into a spam server, and it was slow because it was busy dishing things out, even though literally millions of machines have been won in this manner and turned into nodes. But this latest incident makes me wonder. His machine was slow, his password was good... too good for any brute force or dictionary attack. This would indicate to me at least the possibility of a keystroke logger.

    I know there are a number of experts in the field reading this, everything from forensics guys to code warriors. Any concurring or opposing arguments? If we dismiss it as phishing, Frank may still be vulnerable...

    Thanks,

    Bill

    (ps. Glenn, 60 miles *east* of joshua tree? Don't tell me you're driving all the way to riverside every day?
    Last edited by Bill Lantry; 05-09-2007 at 03:19 AM.

  9. #9
    Join Date
    Nov 2006
    Location
    Oak Harbor Washington on Whidbey Island
    Posts
    3,083
    Quote Originally Posted by glenn bradley View Post
    Remember, just because you're paranoid doesn't mean they're not out to get you ;-)

    They won't Glenn I don't put any personal information on my computer. They could steal the computer & not get anything that would hurt me. Don't bank on line, Don't purchase on line, don't do any business on line. I use Quicken for keeping track of banking but enter false bank name & give the banks account a false name too.

    I have never had a problem operating this way & using the heck out of a cross cut shredder. Anything with a name address or personal information gets shredded.
    "Forget the flat stuff slap something on the spinny thing and lets go, we're burning daylight" Bart Leetch
    "If it ain't round you may be a knuckle dragger""Turners drag their nuckles too, they just do it at a higher RPM"Bart

  10. #10
    Join Date
    Nov 2006
    Location
    Mountain Home, Arkansas
    Posts
    11,697
    Y'all got me concerned now. I'm sure you (all) are right on target with the phishing thing. Yahoo did (officially) request the password change, I went through their site to make the change. I follow most of the advice regarding passwords. But, I have (had) only three and did not change. What strikes me as very strange is that my Yahoo e-mail and settings profiles do not include the "Cracked by Licky" name anywhere. But it still appears when I post to a Yahoo group. I'm wondering if this jerk/hacker got into the Yahoo server/codes/whatevers. And, also wonder if maybe he is actually a super-jerk working for Yahoo. I do much purchasing, bill paying, Pay Pal-ing, etc. from the Internet. Despite this experience, I will continue to do so. I once saw a study that claimed that internet financial transactions were something like 10 million times more secure than sending a check through the mail in a paper envelop. Everything has risks. I do believe a formating will be happening soon. Hate to. That backing up and then reinstalling business is a time consuming hassle. I may kid some about geeks, but there is some real talent here. Thanks for the input guys.
    "Folks is funny critters."

    Think for yourselves and let others enjoy the privilege to do so, too. ~Voltaire

Similar Threads

  1. This cracked me up this morning
    By Rob Keeble in forum Off Topic Discussion
    Replies: 2
    Last Post: 04-03-2015, 12:37 AM
  2. cracked cabinet door
    By ted heid in forum Finishing School
    Replies: 9
    Last Post: 02-20-2014, 02:04 PM
  3. Corian counter cracked - new pix
    By Carol Reed in forum Carpentry and Construction
    Replies: 20
    Last Post: 11-21-2012, 01:51 PM
  4. cracked grinding wheel
    By Frank Fusco in forum General Woodworking Q&A
    Replies: 16
    Last Post: 01-23-2007, 10:42 PM
  5. Cracked Bedrock
    By Steve Clardy in forum Neander Woodworking Q&A
    Replies: 10
    Last Post: 11-08-2006, 04:46 AM

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •