PDA

View Full Version : Change your KS Password(s)



hex_colin
02-15-2014, 02:58 PM
Change your KS password(s)!!!

https://www.kickstarter.com/blog/important-kickstarter-security-notice

MDRockstar
02-15-2014, 03:01 PM
Thanks for the info!

Xenavire
02-15-2014, 03:02 PM
So this is Kickstarter accounts, not Hex accounts right? Thats pretty major for a lot of people here.

(At times like this I am glad I had no choice but to use paypal.)

hex_colin
02-15-2014, 03:08 PM
So this is Kickstarter accounts, not Hex accounts right? Thats pretty major for a lot of people here.

(At times like this I am glad I had no choice but to use paypal.)

Yeah, Kickstarter. Agreed - most of us got here through KS. And... most of us use KS quite a bit ;)

I also changed my Amazon password to be safe. Not the same as my KS passwords, and almost certainly not stored on their servers, but you can never be too cautious!

Kami
02-15-2014, 03:15 PM
For those wondering about encryption old passwords used salted SHA1, digested multiple times. More recent passwords use bcrypt. - Kickstarter (@kickstarter) (https://twitter.com/kickstarter/statuses/434804053013323776)

Not as big a deal as in the past with other companies. At least their password encryptions on par.

More concerning is that the compromised data includes mailing address + phone number. That's enough to social engineer many other places.

Overall, not too concerned about this particular breach. Payment info wasn't touched as far as they could tell either.

Sullemunk
02-15-2014, 04:31 PM
New card: Security Breach, quick action, set target troop's defence to 0 for 1 turn

Xenavire
02-15-2014, 05:04 PM
New card: Security Breach, quick action, set target troop's defence to 0 for 1 turn

0 defence would kill it. Maybe set it to 1, or set it to 0 but it cannot be sent to the graveyard because of having 0 defence.

MoikPEI
02-15-2014, 07:03 PM
In this context, wouldn't Security Breach reveal information? Like, (1)BBB Instant, target opponents reveals all sources in their hand?

Xenavire
02-15-2014, 08:23 PM
In this context, wouldn't Security Breach reveal information? Like, (1)BBB Instant, target opponents reveals all sources in their hand?

Now thats an idea... Perfect for a PvE card, I remember hearing about a certain dwarven supervillian that might have a use for that...

ossuary
02-15-2014, 09:45 PM
Use this handy guide to help you in choosing your new password: http://xkcd.com/936/

http://imgs.xkcd.com/comics/password_strength.png (http://xkcd.com/936/)

... personally, I usually end up with something like "notoldpassword" ;)

Kroan
02-16-2014, 04:24 AM
I use KeePass's random password generator. I have no idea what my actual password is for most sites.

QuantumZeruul
02-18-2014, 12:34 AM
I personally use Last Pass myself for the random keys, but I would recommend everyone check out https://www.grc.com/haystack.htm for some good information about good ways to improve your passwords.