Contact Forum Editor

Send an email to our Forum Editor:

PLEASE NOTE: Your name is used only to let the Forum Editor know who sent the message. Both your name and email address will not be used for any other purpose.

Speakers Corner

It's free to register, to post a question or to start / join a discussion

View Forum Rules | Contact Forum Editor

 

Twitter accounts hacked, including encrypted ones

« previous 2 next »

john bunyan
Resolved

Likes # 0

Posted February 2, 2013 at 6:17PM

I hear that a quarter of a million Twitter accounts have been hacked, including some encrypted ones. See:

Twitter BBC

I am not a Twitterer as I think it is a bit narcissistic but if these people can hack encrypted files , is on line banking next?

Like this post
alan14

Likes # 0

Posted February 3, 2013 at 9:25PM

A security specialist gave me a good bit of password advise that I've used for a few years now.

Choose a song you know, take the first line (or two if they're short lines). Take the first letter of each word, and that's your password. Replace i or o with 1 or 0 and keep the correct capitalisation.

Take Stairway to Heaven as an example, that would give this password: Talwsatg1g

Like this post
fourm member

Likes # 0

Posted February 4, 2013 at 9:14AM

alan14

That obviously gives a stronger password than many but I'm surprised at an expert suggesting using 1 and 0 instead of i and o. Surely that is so obvious the professional bad boys must have it in their hacking software.

Like this post
Quickbeam

Likes # 0

Posted February 4, 2013 at 9:31AM

That's far too complicated alan14 to remember once I've forgotten the password and how I created it!

Like this post
john bunyan

Likes # 0

Posted February 4, 2013 at 9:54AM

Are these "password lockers", such as this one below, worth having?

LastPass

Like this post
Quickbeam

Likes # 0

Posted February 4, 2013 at 10:01AM

Not if they get hacked. I'll stick with the password index at the back of LOTRs!

Like this post
Forum Editor

Likes # 0

Posted February 4, 2013 at 11:31AM

john bunyan

I would never use anything that automated password entry or form filling. I do use a little free application called KeePass which stores my passwords very securely on a memory stick. I've used it for a while, and I have confidence in it - even if someone gets the memory stick they'll have a problem getting at my passwords which are encrypted using SHA-256 which is a 256-bit cryptographically secure one-way hash function.

To date there have been no known successful attacks against SHA-256.

Like this post
Forum Editor

Likes # 0

Posted February 4, 2013 at 11:37AM

My sympathies are with Twitter and those affected. By all accounts the attack was a sophisticated affair, carried out by people who knew what they were doing.

I have nothing to do with Twitter - I don't have the time, and I can't for the life of me see the point of it all - but any breach of security like this one sends shivers down the spine of anyone in the IT business who has anything to do with confidential information on databases connected to a web server.

Like this post
fourm member

Likes # 0

Posted February 4, 2013 at 11:58AM

'I don't have the time, and I can't for the life of me see the point of it all'

Exactly what I thought until I started using Twitter.

It's like all the conversations in a pub put together. Some are completely meaningless and some convey useful information or opinions.

People tend to focus on the meaningless because it is easy for some people to mock the idea that X million people are interested in what some reality show wannabee is doing.

Back in the '90s, I told my boss I couldn't see the point of the WWW because, at that time, I hadn't found things that I wanted to do with it.

I'm not proselytizing for Twitter; just saying that I've found it useful.

Like this post
Forum Editor

Likes # 0

Posted February 4, 2013 at 12:45PM

"I'm not proselytizing for Twitter; just saying that I've found it useful."

And I understand that many people do. My point is that I don't have the time for yet another means of interacting with people, most of whom I don't know.

I don't see the point of it because I can already get as much information and as many opinions as I could ever want from the other sources I use, and I can't imagine that many people would be remotely interested in my stream of consciousness. There has to be a limit to the amount of social interacting a person can do in a day, whilst trying to earn a living at the same time.

If I'm going to engage in information and opinion interchange I would rather do it in a way that allows me more than the Twitter character limit. At the moment I'm thinking about blogging.

Like this post
alan14

Likes # 0

Posted February 4, 2013 at 9:44PM

fourm member

But surely the fact that i & o are changed to 1 & 0 is only obvious if you know the password.

Like this post

« previous 2 next »

Reply to this topic

This thread has been locked.



Check out PC Advisor's other tech forums

Send to a friend

Email this article to a friend or colleague:

PLEASE NOTE: Your name is used only to let the recipient know who sent the story. Both your name and the recipient's name and address will not be used for any other purpose.