EPTBlizzard Security Breach - Page 3
| Forum Index > SC2 General |
|
Raskit
579 Posts
| ||
|
larse
1611 Posts
LOL. Blizzard so implicitly points out suspect's location. | ||
|
zhurai
United States5660 Posts
On August 10 2012 08:02 larse wrote: "outside of China." LOL. Blizzard so implicitly points out suspect's location. narrows down so many countries! | ||
Shellshock
United States97276 Posts
| ||
Epoxide
Magic Woods9326 Posts
On August 10 2012 07:42 mataxp wrote: As a PSN user, dejá vu Or GomTv | ||
|
Naphal
Germany2099 Posts
| ||
|
skyR
Canada13817 Posts
| ||
|
R1CH
Netherlands10341 Posts
| ||
|
R1CH
Netherlands10341 Posts
On August 10 2012 08:06 skyR wrote: Why the hell would you encrypt passwords but not secret answers? sigh Blizzard. Because CSR need to know what the correct answer is? | ||
|
teamamerica
United States958 Posts
On August 10 2012 07:54 An2quamaraN wrote: They say that cause they want you to think that hackers can't use information they actually stolen. In reality, they could very well know your password already. All you need to decrypt an encrypted pass is a good machine. What? No - it depends on how they hashed the password. Some hashes are vulnerable to being cracked just by a normal desktop computer with a decent GPU in a day, others aren't. Even ones that aren't designed to be resistant to brute force can have such a large input space it'll take too long to crack to matter really. I'm not saying they aren't being stored using a weak hash function (something like md5 but that's old/outdated) but unless you know otherwise, why say that? | ||
|
Shenghi
167 Posts
On August 10 2012 07:43 Hokay wrote: Noooo not my secret questions! A lot of sites ask the same secret security questions :X Which is one of many reasons why secret questions are not, like often claimed, an added layer of security, but instead a vulnerability. [Edit] As a sidenote to what I said above the quote, I do have to note that almost nobody uses a secure password. | ||
|
Na_Dann_Ma_GoGo
Germany2959 Posts
Man this sucks, I hope they won't be able to do too much damage with the encrypted passwords. But eMail adresses, oh lord. Even more spam and phishing mails. | ||
|
ODKStevez
Ireland1225 Posts
| ||
|
IMABUNNEH
United Kingdom1062 Posts
| ||
|
Lowenhertz
United Kingdom4 Posts
atleast they brought it to light quickly | ||
|
R1CH
Netherlands10341 Posts
On August 10 2012 08:08 Shenghi wrote: Assuming Blizzards implementation of the RSP-protocol is correct and they use sufficiently large numbers, and there is no reason to assume otherwise, then the passwords of the NA accounts are still just as safe as they were before, with the minor difference that more attempts at breaking them could now be made per second. However, for strong passwords this doesn't matter, as strong passwords take billions of years to break anyway. While SRP is very secure, there are many services (like the battle.net website) that can't use SRP, so it seems reasonable to conclude that some password-equivalent data is stored somewhere and that it could have been leaked. | ||
|
CableSCES
United States367 Posts
gonna be changing pass... | ||
|
shin_toss
Philippines2589 Posts
| ||
|
Cele
Germany4016 Posts
| ||
|
Xpace
United States2209 Posts
| ||
| ||
