[outages] eBay password changes -- were they attacked?
Jeff Palmer
jpalmer at star2star.com
Tue Apr 5 12:44:32 EDT 2016
If it's a phishing scenario, no matter how they store and protect
passwords, they'd be compromised.
Keeping in mind, this is not confirmed, and at this point is pure
speculation.
As for who made them the password police, that is one of the inherent
duties in providing such a service. If they knew your account was
compromised and did nothing about it, you'd be emailing with a very
different attitude.
On Apr 5, 2016 12:20 PM, "Joey Kelly via Outages" <outages at outages.org>
wrote:
> On 04/05/2016 10:51 AM, DJ Anderson via Outages wrote:
> > I got one of those a few weeks ago.
> >
> > When I inquired about it I was told that the password I was using was
> found on some leaked password list and due to that they had set a temporary
> password to protect my account.
> >
> > -DJ
>
>
>
> Does that not imply they are not using salted hashes, but storing the
> passwords in plaintext? Or maybe they're intercepting the passwords and
> testing them against a dictionary? I might be OK with the latter, maybe
> (but who appointed them to be the world's password police?)
>
> --Joey Kelly
>
>
> <snip>
>
> --
> Joey Kelly
> Minister of the Gospel and Linux Consultant
> http://joeykelly.net
> 504-239-6550
> _______________________________________________
> Outages mailing list
> Outages at outages.org
> https://puck.nether.net/mailman/listinfo/outages
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://puck.nether.net/pipermail/outages/attachments/20160405/914941a1/attachment.htm>
More information about the Outages
mailing list