[AZ911]

So, I was just logging into the TBHP forum and saving the password on safari on my iPad and came across this message (attached). It says that this password has been in a data breach and as it is common for other websites, it should be updated. I cannot say where the data breach has happened from (which website/forum), but as many of us use common passwords for different websites, it just a walk in the park for hackers etc to try your credentials at different places. So, as a rule of thumb, we should try to mitigate the impact areas and keep changing passwords and also try to use phrases with special characters instead of just words.

[Shreyas_H]

I believe this message simply means that the password you are trying to save on Safari is one that has been used by someone (you or someone else) and has come out in some historical password breach where some website was hacked and passwords leaked

This doesn't have anything to do with Team-BHP as a website.
Chrome has this functionality as well.

You can read up more here - https://9to5mac.com/2020/07/04/ios-1...asswords-more/


From the article -

Safari securely monitors your saved passwords, automatically keeping an eye out for passwords that may have been involved in a data breach. To do this, Safari uses strong cryptographic techniques to regularly check derivations of your passwords against a list of breached passwords in a secure and private way that doesn’t reveal your password information — even to Apple. If Safari discovers a breach, it can help you upgrade to Sign in with Apple when available, or automatically generate a new secure password.

[hondafanboy]

Does not need a separate thread and certainly not such alarming title. Mod should either rename , take a note or just delete the thread. One can check their emails ids haveibeenpawneddotcom to search whether or not your email id and password is compromised and where.

[deathwalkr]

And please don't use common passwords. That too for 30+ sites! And edit your title, gave me a shock when i logged on to the forums

[HTC]

Cant resist from sharing the 'have I been pawned' link. Just enter your email and see for yourself,

https://haveibeenpwned.com/

[R2D2]

Quote:

Originally Posted by AZ911

So, I was just logging into the TBHP forum and saving the password on safari on my iPad and came across this message (attached). It says that this password has been in a data breach and as it is common for other websites, it should be updated. I cannot say where the data breach has happened from (which website/forum), but as many of us use common passwords for different websites, it just a walk in the park for hackers etc to try your credentials at different places. So, as a rule of thumb, we should try to mitigate the impact areas and keep changing passwords and also try to use phrases with special characters instead of just words.

It clearly says your email ID has been involved in a data breach and it's not necesarrily at Team Bhp. Go here ';--have i been pwned? to check where exactly your info was leaked.

I would strongly suggest using a password manager and changing the password at the affected site. Use a complex 15-20 character password with special characters and NEVER re-use passwords. There are many password managers but 1Password works best with Apple products and can be installed on PCs, Android and iOS. Other options are Lastpass, Bitwarden, Dashlane, Enpass, Roboform and many others. My favorite is Lastpass followed by 1Password.

PS - TBH the title of this thread is a bit alarming and does not really reflect reality.

PPS - title of thread modified, so all good

[AZ911]

Haha. I guess it did look clike a click-bait title. It was just an info thread to remind people to stay safe. I said the password could've been stolen from anywhere else and not necessarily TBHP. This is sort of my secondary password, so not much to fret about, but yes, probably using a password manager is the way to go forward.