Official Everybody Edits Forums

Do you think I could just leave this part blank and it'd be okay? We're just going to replace the whole thing with a header image anyway, right?

You are not logged in.

#51 2019-07-23 07:46:03

icepegasus
Member
Joined: 2015-08-21
Posts: 86

Re: Data Security Breach 2 - Please Update Your Passwords

XxAtillaX wrote:

Player.IO does infact hash passwords, and it does convert to lowercase prior to hashing, which rules out any ridiculous compromise of Player.IO

It explains why logging in to ee is case insensitive, but even so the leaked passwords were all case sensitive


user.php?id=icepegasus

Offline

#52 2019-07-23 08:18:28

raprap
Member
Joined: 2015-02-20
Posts: 34

Re: Data Security Breach 2 - Please Update Your Passwords

good thing i'm not in there

Offline

#53 2019-07-23 09:43:04

peace
Member
From: admin land
Joined: 2015-08-10
Posts: 9,226

Re: Data Security Breach 2 - Please Update Your Passwords

maby staff acoutneds needs an extra security like after you guessedthe email and password you need to do another thing to verify youre the staffmember this could saty if ur ex staffmember for a while if there are still ways that you as ex staffmemeber can get acces to something a hacker coudl use nicely


peace.png

thanks hg for making this much better and ty for my avatar aswell

Offline

Wooted by:

#54 2019-07-23 11:21:52

NoNK
Member
Joined: 2019-07-13
Posts: 922

Re: Data Security Breach 2 - Please Update Your Passwords

Early 2019: Wow I hope EE comes soon
Mid 2019: Haha yes! My password hasn't been leaked this is awesome

Offline

#55 2019-07-23 11:22:55

Nebula
Guest

Re: Data Security Breach 2 - Please Update Your Passwords

NoNK wrote:

Early 2019: Wow I hope EEU comes soon
Mid 2019: Haha yes! My password hasn't been leaked this is awesome

Even awesome might to come if the account isn't been leaked.

#56 2019-07-23 11:55:24

Charlie59876EE
Member
Joined: 2016-06-18
Posts: 137

Re: Data Security Breach 2 - Please Update Your Passwords

Processor wrote:

I got a peek at the used passwords by Xenonetix and bytearray and both were terrible passwords that could have been easily guessed.
While these passwords were likely not the same ones used on PlayerIO, they show you the general approach staff takes with security.

How did you get access to these passwords? were they leaked as well? also if the passwords have been changed, could you tell me what they were? no reason im just curious


When your energy refills...
mfe5hE8.png

Offline

#57 2019-07-23 12:00:51

Gosha
Member
From: Russia
Joined: 2015-03-15
Posts: 6,211

Re: Data Security Breach 2 - Please Update Your Passwords

Charlie59876EE wrote:

also if the passwords have been changed, could you tell me what they were? no reason im just curious

q0kaNnj.jpg

Offline

#58 2019-07-23 12:52:59

capasha
Member
Joined: 2015-02-21
Posts: 4,066

Re: Data Security Breach 2 - Please Update Your Passwords

icepegasus wrote:
XxAtillaX wrote:

Player.IO does infact hash passwords, and it does convert to lowercase prior to hashing, which rules out any ridiculous compromise of Player.IO

It explains why logging in to ee is case insensitive, but even so the leaked passwords were all case sensitive

Did you read? Every password are converted to lowercase. If you make a password uppercase it will automatic be lowercase in all games.
Whcih mean PIO's security to password is ****. How the hack was made, so didn't they bruteforce the passwords. Because the password is both in uppercase and lowercase.
For me is there a backdoor or a swf that got added which collected passwords.

Offline

#59 2019-07-23 16:44:58

peace
Member
From: admin land
Joined: 2015-08-10
Posts: 9,226

Re: Data Security Breach 2 - Please Update Your Passwords

holy **** PIO passwords should ALWAYS be case sensitive 52 characters +(all numbers and symbols) vs 26 +(al numbers and symbols) its a diffrence


peace.png

thanks hg for making this much better and ty for my avatar aswell

Offline

#60 2019-07-23 17:11:55, last edited by Phinarose (2019-07-23 17:12:31)

Phinarose
Member
From: Dizzy Land
Joined: 2015-12-31
Posts: 102

Re: Data Security Breach 2 - Please Update Your Passwords

XxAtillaxX wrote:

Player.IO has fairly smart security with logins. It is throttled on a very small number of failed attempts, and you won't know you've hit the throttle. It's silent. I've tried bruteforcing accounts before, it doesn't work. I'm sure many others have tried as well, and to no avail.

I don't think that it is bruteforcing.


WjoM2zh.png

Offline

#61 2019-07-23 22:39:04

icepegasus
Member
Joined: 2015-08-21
Posts: 86

Re: Data Security Breach 2 - Please Update Your Passwords

capasha wrote:
icepegasus wrote:
XxAtillaX wrote:

Player.IO does infact hash passwords, and it does convert to lowercase prior to hashing, which rules out any ridiculous compromise of Player.IO

It explains why logging in to ee is case insensitive, but even so the leaked passwords were all case sensitive

Did you read? Every password are converted to lowercase. If you make a password uppercase it will automatic be lowercase in all games.
Whcih mean PIO's security to password is ****. How the hack was made, so didn't they bruteforce the passwords. Because the password is both in uppercase and lowercase.
For me is there a backdoor or a swf that got added which collected passwords.

Well I was talking to seb about it which he got leaked aswell, and his password was indeed case sensitive, but when he logs on ee he just uses all lowercase, yet the leak did get his uppercase letters too, so I don't think it's a bugged swf


user.php?id=icepegasus

Offline

#62 2019-07-24 10:55:56

peace
Member
From: admin land
Joined: 2015-08-10
Posts: 9,226

Re: Data Security Breach 2 - Please Update Your Passwords

poor xeno http://prntscr.com/ojbpb0 someone send this ppic in th ekoong chat i checked wiht my kong alt and oma gawd alos upon opening xenos porfile noting loaded showing on home page inst possible as you cant laod agem on home page


peace.png

thanks hg for making this much better and ty for my avatar aswell

Offline

#63 2019-07-24 22:09:03

peace
Member
From: admin land
Joined: 2015-08-10
Posts: 9,226

Re: Data Security Breach 2 - Please Update Your Passwords

uh is it possible that some more accounts got affected after this post was made by you xeno? and is it possilbe that the guy could get into my kogn acc because somethign weir dhappaned ive done on my kong ee acc (which is ****) hilderens farm today or yesterday and havent entered any campaing afterwards now i wanted to play best of EE campaing  (yes i finaly got in the world wihtout sever timing outs) upon joinign the first world i said do you want to overwirte MK mushrroom cup (tier 1 speedrun) i clicked yes but i neevr joined the world my usernam eon there is HRISUGRS


peace.png

thanks hg for making this much better and ty for my avatar aswell

Offline

#64 2019-07-25 07:21:29

Xenonetix
Past Owner
From: Moving on with my life
Joined: 2015-03-07
Posts: 899
Website

Re: Data Security Breach 2 - Please Update Your Passwords

peace wrote:

uh is it possible that some more accounts got affected after this post was made by you xeno?

It is. I don't believe it's possible they could have gotten any further passwords.

peace wrote:

is it possilbe that the guy could get into my kogn acc because somethign weir dhappaned ive done on my kong ee acc (which is ****) hilderens farm today or yesterday and havent entered any campaing afterwards now i wanted to play best of EE campaing

It's relatively unlikely they "got into" your account. Almost everything going on has been happening backend, so unless you share your Kong account email and password with your EE email and password, I don't see a way for other people to access your Kong account that would be in any way connected to EE.


Xenonetix-2.png

Offline

Wooted by: (3)

#65 2019-07-27 02:20:50

soniiiety
Member
From: peaceful dojo
Joined: 2016-02-10
Posts: 1,752

Re: Data Security Breach 2 - Please Update Your Passwords

YYAY my account isnt on the list

man they hacked lame accounts


de543c4c-ed76-4170-896f-8fa2a5183225_1_784x184.jpg?ex=667f757e&is=667e23fe&hm=b6817d138e71c14a2bdbf73bbe7213a5d2d1b7300d78449d1f0fe240e603ab04&

Offline

#66 2019-07-27 12:11:08

Charlie59876EE
Member
Joined: 2016-06-18
Posts: 137

Re: Data Security Breach 2 - Please Update Your Passwords

soniiiety wrote:

YYAY my account isnt on the list

man they hacked lame accounts

and my account


When your energy refills...
mfe5hE8.png

Offline

Wooted by:

#67 2019-07-27 15:26:36

peace
Member
From: admin land
Joined: 2015-08-10
Posts: 9,226

Re: Data Security Breach 2 - Please Update Your Passwords

uh guys the game is closed but the hackers still have acdes so uhm yeah


peace.png

thanks hg for making this much better and ty for my avatar aswell

Offline

Wooted by:

#68 2019-07-28 21:32:58

Spongelito
Member
From: Tennessee, USA
Joined: 2018-01-03
Posts: 38

Re: Data Security Breach 2 - Please Update Your Passwords

EE looks different now with the text having a basic look. What happened?


Hits that yeet all day and all night
1a8d1a0b38ed2d870651225a3daa431fa1f10b3ar1-455-528v2_128.jpg

Offline

#69 2019-07-28 23:57:49

Alejandroc33
Member
From: Perú
Joined: 2016-03-25
Posts: 8

Re: Data Security Breach 2 - Please Update Your Passwords

What will happen to those of us who play for Kongregate?

Offline

#70 2019-07-29 00:37:40

mrjawapa
Corn Man 🌽
From: Ohio, USA
Joined: 2015-02-15
Posts: 5,840
Website

Re: Data Security Breach 2 - Please Update Your Passwords

peace wrote:

maby staff acoutneds needs an extra security like after you guessedthe email and password you need to do another thing to verify youre the staffmember this could saty if ur ex staffmember for a while if there are still ways that you as ex staffmemeber can get acces to something a hacker coudl use nicely

This is actually a good idea. 2fa would be fine, and could be in place for everyone.

But we've had issues with past staff accounts.


Discord: jawp#5123

Offline

#71 2019-07-29 01:34:07

NoNK
Member
Joined: 2019-07-13
Posts: 922

Re: Data Security Breach 2 - Please Update Your Passwords

We already have 2factor, one's your username the others your password

Offline

#72 2019-07-29 01:52:09

Processor
Member
Joined: 2015-02-15
Posts: 2,246

Re: Data Security Breach 2 - Please Update Your Passwords

NoNK wrote:

We already have 2factor, one's your username the others your password

thats not how this works

two passwords is still one factor


I have never thought of programming for reputation and honor. What I have in my heart must come out. That is the reason why I code.

Offline

Wooted by: (3)

#73 2019-07-29 05:34:14, last edited by Aoitenshi (2019-07-29 05:37:38)

Aoitenshi
Member
Joined: 2015-02-18
Posts: 2,058

Re: Data Security Breach 2 - Please Update Your Passwords

"Kongregate is crap"

That did not age well.

Offline

#74 2019-07-29 06:33:07

Gosha
Member
From: Russia
Joined: 2015-03-15
Posts: 6,211

Re: Data Security Breach 2 - Please Update Your Passwords

NoNK wrote:

We already have 2factor, one's your username the others your password

1) that's not how it works
2) you can actually login without knowing email, so if you are trying to hack someone, you just need to guess the password

Offline

#75 2019-07-29 06:41:14

Norwee
Formerly NorwegianboyEE
From: Norway
Joined: 2015-03-16
Posts: 3,773

Re: Data Security Breach 2 - Please Update Your Passwords

Is the Kongregate version actually safe to use?


★              ☆        ★        ☆         â˜…
   â˜†    ★                     â˜…

Offline

Thomas333 / MarioManTj1565838533759054

Board footer

Powered by FluxBB

[ Started around 1732487308.5341 - Generated in 0.095 seconds, 12 queries executed - Memory usage: 1.8 MiB (Peak: 2.05 MiB) ]