Jump to content

Security Breach


Recommended Posts

Either way, everything was encrypted and you should still consider on changing your passwords...

By the way, I heard one of the MTA Admin or Dev was working on a new Forum/Community/Bugs site for MTA.

Seen by this anyways http://login.mtasa.com/

Well that's just someone testing the sub-domain probably, no other reason for having a Google layout there, unless they're working on authenticating through Google in the future (which I'd like a lot).

Link to comment
  • 2 weeks later...

Changing your password is the best thing you can do right now, hash functions are made to be extremely fast to calculate so using them to secure passwords aren't smart at all. Still tho, most forum software does exactly that including phpbb, mybb, smf etc.. Generally, the longer password you have the longer time it takes to crack it as a cracker needs to try all combinations, a few examples can be found here: https://hashcat.net/oclhashcat/#performance.

To crack all passwords built by 6 characters you would only need a couple of seconds on a normal gaming PC. If the cracker used to mine bitcoin he'll probably crack all passwords a hundred times faster. So at this moment he's probably done cracking all the passwords here, although I don't think it's a big threat for the average members as the cracker can't do much more than post or edit some details, the important thing is that all administrators and moderators around here update their passwords.

Link to comment

Yea that's true,

the big threat goes to Admins and Mods but it's also a threat to us because if the cracker follow our usernames anywhere else other than here.

Like me, I use the same username on most sites but change password to something different; but others might use the same password for their username.

Link to comment
Yea that's true,

the big threat goes to Admins and Mods but it's also a threat to us because if the cracker follow our usernames anywhere else other than here.

Like me, I use the same username on most sites but change password to something different; but others might use the same password for their username.

The general rule is that you never trust anyone. For that reason alone you might want to consider having a different password on every site. If people have the same password everywhere, then that's more or less their own problem. You can never trust anyone, because everything is vulnerable to human error.

Link to comment

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...