OT Yahoo breach

Page 5 of 5  
AL submitted this idea :

If they hacked the server, all they would likely have to do is exhaust the hash's keyspace no matter how many parts were involved in the hash's creation. They've had two years in this case, but it could have been worse.
Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload
On 25/09/2016 16:34, Taxed and Spent wrote:

> Simple answer: just change it now.
Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload
On 9/25/2016 10:06 AM, Bod wrote:

That is a simpleton answer.
Is there anybody who can answer the question I raised?
Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload
"Taxed and Spent" wrote
| > Simple answer: just change it now. | | That is a simpleton answer. | | Is there anybody who can answer the question I raised?
It's a simple answer for a dumb question. If you don't know when you last changed your password then who would? If you think Yahoo does then ask them. What other possibilities are there?
Or you could just change your password now. You might also want to consider getting real email (from your ISP, a paid account, or your own domain) and not using Yahoo or other freebie webmail.
Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload
On 9/25/2016 4:49 PM, Taxed and Spent wrote:

To quote Queen Hillary, "What difference does it make [when you last changed your password (in this context)]?"
There is no penalty for changing your password "too often," the only risk is not changing it often enough and being sloppy with creating it and storing it.
You don't need it to change it with Yahoo.
We can explain it to you but we can't understand it for you.<g>
Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload

The penalty is forgetting it.
--
Do infants have as much fun in their infancy as adults do in adultery?

Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload
Taxed and Spent presented the following explanation :

Probably someone at Yahoo! can answer that, but only if there is some record keeping of that sort of thing on their end.
Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload

I doubt a cheap shit free webmail service would bother answering your question. Have you never heard of POP3?
--
ADULT: A person who has stopped growing at both ends and is now growing in the middle.

Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload
James Wilkinson formulated on Sunday :

What question?
Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload
On 9/25/2016 5:07 PM, James Wilkinson wrote:

I can access a Yahoo account via POP3. Can't figure it out?
Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload
On 9/26/2016 7:08 AM, Scott Lurndal wrote:
>> On 9/26/2016 8:14 AM, Mayayana wrote: >>> "AL" wrote
>>> | When I log into Yahoo from a strange (unknown to Yahoo) >>> computer, Yahoo | verifies it's me by texting me a code on my >>> cell phone.
>>> That's a clever idea. I had no idea that webmail companies were >>> now tagging devices.
Two-step verification is used by many organizations From Internet companies to financial institutions. I use it wherever it's offered. It's not perfect but it does add another layer of security to your accounts.
>> Actually, it's not the devices they are "tagging", it's the IP >> address which you are using.
I can log on from any IP (public or private WiFi for example) using my phone (trusted device) without a challenge.
> It's not solely the IP address. They also use the User-Agent string > provided by the browser, and other fingerprinting techniques to > identify the connection as uniquely as possible. There are fields > in the TCP packet whose usage can identify the operating system, for > example.
As close as I could find, a cookie or token is placed on the trusted device. But I couldn't find any links to verify that. Most was from forums/groups and you know how reliable that is... ;)
Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload
wrote:

Probably. And some I think some are time stamped. When I was imaging/restoring my system frequently I made sure I left my banks's cookie on the system I imaging. That avoided the 2-step. But if I wait too long (maybe a couple months) before restoring the image I have to do the 2-step.
Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload

Related Threads

    HomeOwnersHub.com is a website for homeowners and building and maintenance pros. It is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.