THIS IS RELATED TO VIDEOGAMES AND THE SECURITY OF THE ANONS ON/V/

Patreon as well.

>changed all my passwords during the last big leak
>someone from china changed my wallmart.com password
>someone from china signed me up for Curse

>Lastpass
Except they don't use Cloudflare, faggot.

who is this girl i want to fap to hentai of her

>changing your password before sites fix the issue
Enjoy giving them your new password.

Steam doesn't use cloudflare, and I changed my passwords for my emails, so I should be safe.

I have like a metric buttload of passwords, and I never use the same one twice.

>using a password manager at all
>having to save your passwords somewhere

Literally fucking retarded.

how the fuck does someone get into your bank account with a password

Post the link to see compromised sites. Also how do I log off Discord? I use it for one specific thing because I honestly hate it but still

>doesn't recognize the benefits of an escrow
Enjoy your tinfoil.

Is no one reading OP's post?

I never use the same password on any website, that's pretty stupid, also always turn on two step verification when possible, I have both my Google and Steam accounts with mobile two step verification.

oh no my Sup Forums account

Has it been confirmed if HumbleBundle used the filter thingy?

Nigga, virtually everything needs its own account nowadays. If you go online these days, you have at least 12 different logins to memorize. Possibly more. Not to mention they're extra complicated to ensure nobody guesses them. How do you keep track of this shit?

I don't even use a password manager since keeping those passwords somewhere on my machine makes me nervous. Just interested how you people deal with this stuff.

Same. I have a little hidden safe box containing logins and passwords.

What about OP's post? Don't reply to me unless you're gonna be specific.

>nobody asks for source

He understands that the metric buttload can becompromised, but he does not care because the sites associated are not critical, like his email is. This is ok, people are allowed to have different threat models than you.

github.com/pirate/sites-using-cloudflare

It's true though

github.com/pirate/sites-using-cloudflare

"Steam doesn't use cloudflare" is literally a point OP tries to make. It doesn't matter if Steam doesn't use cloudflare, why do you think it wasn't listed?
The point is IF you use one of those sites, and it has the same account/pw as your Steam, you may be fucked.
You probably use 2FA so your Steam is fine,but it's still a concern for other shit.

You can reply to me and my son.

Because we aren't all lazy shits that need to be spoonfed. You can and should be able to validate this yourself. If you don't care to, then it's on you and doesn't effect anybody else.

Do you live under a rock or something? The Cloudflare data leak was news on every tech site yesterday.

Original poster here. That's pretty much the gist of what I'm talking about. I don't care if I lose my Phantasy Star Online account, as I've long since stopped playing, and I used a completely different pass and login.

If that was your argument, then I apologize for being rude. Not a single one of them shares my pass and login for steam.

So where can I find these password dumps?

>TFW Reuse my password endlessly

>TFW Except for things that have my Credit Card attached

Please just take my battle net account away from me, I need an excuse to never play again.

>hack email
>go to bank website
>"forgot password"
>go to paypal website
>"forgot password"

All someone needs to do is access your email for your life to be over.

They can change all your recovery settings too.

Good luck speaking with customer service for an email provider these days. Everything is fucking automated.

Heh, fools ...

Literally 0.00003% of requests could have been compromised IF someone knew what to look for, IF the data was sent to that particular user. The majority of requests contain no sensitive information. Very few caches were actually leaked before news got out.

You have an /extremely/ low chance to be affected by this. Of course, everyone is spreading FUD for clicks.

Considering Microshit Bing hasn't clear their cache yet, you can get them there. Or you could try to find them on an archive site where they haven't clear yet.

happened to me during the last big leak. Dont count yourself out. I had to call out of work to try and save everything i had since they got into my paypal and tried sending money to their Chinese accounts.

Is this true?

>Good luck speaking with customer service for an email provider these days. Everything is fucking automated.
Thanks for reminding me to switch off gmail

Your bank doesn't have 2 step authentication?

>imply there is a "Cloudflare Hacker"
It was a bug found by google's project 0 day and was responsibly disclosed. There is no "Hack" involved, dumbass.

>not using a mobile authenticator

For someone to hack into my email they would need to physically steal my phone.

Man I don't fucking care. I have no valuable information on any of those.

>Is this true?
It's not, I was just stiring shit. This is an issue with cloudflare and they already patched it, so further disclosures shouldn't happen for this instance.

>Just interested how you people deal with this stuff.

On paper in an inconspicuous journal on a shelf full of regular books.

Yeah sure someone could theoretically break in and steal it if they knew what to look for, but at that point I'd be more concerned about my home being burgled than someone making off with my Steam ID.

NOOO NOT MY TRIPCODES

Should I even care about Humble Bundle if I use 2 step verification? It's not like whoever gets my HB password will be able to enter the account if he doesn't have the authentication code sent to my email.

oh dear

*Hacks you into this pear

my email provider at the time did not have 2FA until a week after it happened.

My email account was made in 1998 and never received spam or was ever compromised until then.

muh AOL

>AOL
It was my own fault my shit was hacked for reusing an old password. Other than that, ive never had any problems with it, and i never have trouble receiving emails.

now all i get are fake "your steam account has been banned!!!" emails because they think theyll fool me into clicking that shit.

I love sucking cocks

At the end of the day, you can't really get rid of the threat of forgetting the passwords or them being compromised. You can only transfer the risk to something acceptable depending on YOUR situation. There is no one size fits all solution, so password managers, physical storage or any of the other options my work for someone else if not you as long as you know what your risk are.

THIS

fuck OP for spreading panic
this is nothing to worry about

Is there a quick way to test whether a domain not on the Github list is using Cloudflare or some other reverse proxy?

Are there really people who seriously use the same password to everything?

my bank considers rooted phones unsafe so can't use it. there's work arounds for that but i'll stick with the old school paper authenticator as long as it's available. probably actually safer than mobile authenticators.

Still, never hurts to be prepared.

>always forget passwords
>end up having to send reset link to email

>physically steal your phone

there was a thing where big youtubers were getting hacked and they used a different tactic

i think the hackers posed as the youtuber and got the service provider to send them a new sim card or something?

>okcupid compromised
NOOOOOOOOOOOOOO

faggots BTFO

how do i change my Sup Forums password? :3

Delete system 34. That'll bring you a password reset. ;D

>Paypal is safe
>Gmail is safe
>Bank is safe

It's literally nothing, why are people panicking.

You're not fooling me!

>Log into email.
>A bunch of chinks and mexicans tried to access my email
>They all failed

Stupid people put their personal information into other sites and then use the same password for everything.

This, I use unique passwords for anything remotely financial but I use a single password for everything else.
I literally couldn't care less if someone hacks my Discord account.

Thanks for the notice. I really should be changing my passwords into something more secure anyways, so I guess this is a good motivation to do just that.

That's fine. The problem is when you use the same password for stupid sites but also for important sites, like paypal, e-mail etc. I have 8 different passwords for my most important stuff that I change every 6 months. Then I have 2 easy as fuck passwords for dumb accounts on all other sites.

Even if someone got into my account on a store and wanted to buy something for $500, they can't buy anything since they also need my PayPal account which has a completely different password.

even if it is nothing it has got me off my ass to secure all my valuable passwords.

basically
>bank
>Steam

ban russians from the internet and shit will forever be safe.
make the internet great again.

Knowing a password isn't remotely enough to get into any decent bank account. And Literally nothing else has any major significance. Paypal is probably the most dangerous but for a variety of reasons I just don't use that anymore.

This. Most banks require some sort of personal ID. And unless you are retard and make it facebook tier.

IE: Fathers first name, Name of school

I use random sentences in my passwords. Like Best Friends name: Roxas.
Name of School: Hogwarts

Shit like that.

>

I try to incorporate pig latin into my passwords.

Yeah when they as me "What's the name of your first pet?" the correct answer is "You're mother"

Don't you guys have this small electronic thing with numbers on it that you use to login to a bank and make transactions with?

Like, when I make a transaction in the bank there's a number I type into this little electronic thing and then a new number pops up on the electronic thing and I type that into the webpage and boom, done.

100% secure. pic related

What's a good open source password manager I can use on both windows and linux to handle that?

Yes.
It's called my phone.

Pic related.

I just use a USB drive to store my passwords. Gotta use standard text documents too, since Windows automatically saves Word documents.

Keepass. It can be used on Windows, Linux, OSX, iOS, Android and probably Microsoft phones.

That's not what a password manager is for anons.
I want a tool to generate 32-characters passwords on the fly, plug them in automatically into the websites and services I tell it to, and store everything on an encrypted file I can keep on a hosting service like google drive or onedrive.
Thanks.

I use one of these and a bunch of note cards. You can freely reorganize them alphabetically or however you want, can add new ones easily, and can tear up and replace them as you need.

>32-characters passwords
Most websites won't support such a thing. A random string of 10-12 is easy to write down and if you type it 50 or so times you'll probably get the muscle memory down well enough.

i just slam the keyboard and then write it down

Password length is just as important as character pool size.

>bank website
>forgot password
That's a shit tier bank and you shouldn't use it

Sure but 10 characters incorporating upper case, lower case and numbers will be more than strong enough against any current or foreseeable future brute force attacks. Symbols are a bonus too.
32 characters is absurd overkill and most websites won't allow it to save of database space.

Yeah my computer doesn't have one of those
And contactless suddenly became big so I don't even need to use my PIN at shops anymore

My gmail and hotmail have separate passwords and any attempt to change the setting of one asks for permission from the other.
Should be fine unless both get compromised at the same time and the attacker knows about both.

>tfw use the same password for everything
im fucking sweating right now, changing my passwords asap

Lots of websites I use don't support passwords longer than 12 characters.

LastPass and Keepass are fine. LastPass doesn't use cloudfare and keepass is all done offline.

das cruel mang

what

Search for the image on google :^)