If you use transferwise change your password
#1
If you use transferwise change your password
Transferwise was affected along with many other sites by the cloudbleed bug.
https://github.com/pirate/sites-usin...ster/README.md
https://github.com/pirate/sites-usin...ster/README.md
#2
Re: If you use transferwise change your password
It's worth while saying that if you don't already, please use a password manager with unique passwords.
#3
I have a comma problem
Joined: Feb 2009
Location: Fox Lake, IL (from Carrickfergus NI)
Posts: 49,598
Re: If you use transferwise change your password
Also, did you know that if you type your password within the tags [PWORD][/PWORD] it will appear like this on screen: ************?
Try it. It works with credit card numbers, too!
Please don't really try it. I don't want to get in trouble.
Try it. It works with credit card numbers, too!
Please don't really try it. I don't want to get in trouble.
#4
Re: If you use transferwise change your password
****
Last edited by tom169; Feb 27th 2017 at 3:54 pm. Reason: Crap I didn't realize it was a troll
#5
Re: If you use transferwise change your password
I don't even store 'actual' passwords in the manager, but rather, a derivative, so that if the password manager were hacked, the hacker wouldn't get the goods.
What's the point ... where would you type this and why?
Last edited by Steerpike; Feb 27th 2017 at 4:29 pm.
#6
Re: If you use transferwise change your password
For those not entirely tech savvy, isn't the use of a password manager an even greater vulnerability, if the password manager itself gets hacked? I personally use a local password manager, and disable all 'automation' (ie, don't let it match sites and pre-fill usernames and passwords), but I've seen many password managers that are themselves hosted, and are quite 'clever' in that they will detect the site you are on, and pre-fill the relevant info as a user convenience ... very convenient but also susceptible to hacking.
What's the point ... where would you type this and why?
What's the point ... where would you type this and why?
Also a lot of people will now use apps on multiple devices, having a local password manager can make this difficult for some people.
#7
Re: If you use transferwise change your password
The password managers that pre-fill are better for the not so tech savvy. If you land on a phishing site it will not pre fill the fields and alert the person that something has changed. So good and bad.
Also a lot of people will now use apps on multiple devices, having a local password manager can make this difficult for some people.
Also a lot of people will now use apps on multiple devices, having a local password manager can make this difficult for some people.
This truly is one of the bigger challenges facing the internet today ... so many sites, so many logins, so many different rules on different sites.
#8
Re: If you use transferwise change your password
If you got malware on your device how easy would it be for all your password to be compromised?
A hosting company will have higher level security than most people have on their home PC, but a hosting company will be a bigger target.
Email password are the most valuable, so use MFA whenever possible.
A hosting company will have higher level security than most people have on their home PC, but a hosting company will be a bigger target.
Email password are the most valuable, so use MFA whenever possible.
#9
Re: If you use transferwise change your password
The key point is not re-using passwords and keeping passwords strong. The best solution would be remember them all in your head, but that isn't possible for most people.
Password managers that store the information remotely so that it can be syndicated across devices generally have some key that isn't stored on the server, but instead on the device. That means that if the server is compromised then all what someone would see is the encrypted passwords.
2 factor authentication should be in place using a secured device for both accessing the password manager and any website (where possible).
Password managers that store the information remotely so that it can be syndicated across devices generally have some key that isn't stored on the server, but instead on the device. That means that if the server is compromised then all what someone would see is the encrypted passwords.
2 factor authentication should be in place using a secured device for both accessing the password manager and any website (where possible).
#11
Re: If you use transferwise change your password
We should also stop using the word password and use passphrase instead. It's an old habit to break
#13
Re: If you use transferwise change your password
For those not entirely tech savvy, isn't the use of a password manager an even greater vulnerability, if the password manager itself gets hacked? I personally use a local password manager, and disable all 'automation' (ie, don't let it match sites and pre-fill usernames and passwords), but I've seen many password managers that are themselves hosted, and are quite 'clever' in that they will detect the site you are on, and pre-fill the relevant info as a user convenience ... very convenient but also susceptible to hacking.
I don't even store 'actual' passwords in the manager, but rather, a derivative, so that if the password manager were hacked, the hacker wouldn't get the goods.
I don't even store 'actual' passwords in the manager, but rather, a derivative, so that if the password manager were hacked, the hacker wouldn't get the goods.
#14
Re: If you use transferwise change your password
https://www.theguardian.com/technolo...8m-data-breach
There is an update for keepass
The automatic update feature in KeePass 2.33 and earlier allows man-in-the-middle attackers to execute arbitrary code by spoofing the version check response and supplying a crafted update.
https://web.nvd.nist.gov/view/vuln/s...pe=all&cves=on
Last edited by mrken30; Feb 27th 2017 at 9:13 pm.
#15
Forum Regular
Joined: Jul 2016
Posts: 143
Re: If you use transferwise change your password
It's more fun when you have 10 different passphrases memorised in your head, but after a while away from some sites, you'll forget which of those you used!!
I know a lot of people who use passphrase apps etc, but I wouldn't trust it myself at all!
I know a lot of people who use passphrase apps etc, but I wouldn't trust it myself at all!