Jump to content
Reliance Jio & Reliance Mobile Discussion Forums
Sign in to follow this  
Honest

Mozilla Accidentally Posts Usernames And Passwords

Recommended Posts

113976_matter.jpg

Mozilla Accidentally Posts Usernames and Passwords

Deletes all user passwords and requests users to reset the same

Registered users of Mozilla's add-on website addons.mozilla.org are in for a rude shock. The said users received a message from Mozilla that it had inadvertently exposed their usernames and encrypted passwords. This occurred after the browser giant posted a file containing email addresses, first and last names, and an md5 hash representation of user passwords on a publicly available web server.

The website is an official platform for hosting add-ons related to Mozilla products like Firefox, Thunderbird, and SeaMonkey. As damage control, Mozilla erased all user passwords and has requested users to manually reset the same. It has also implored its users to do the same for any other websites where they may have used the same password. This breach is serious because Mozilla took action only after being informed about the leak by a third party.

We know Mozilla's all for open source, but open source passwords is stretching things too far.

Courtesy : Techtree

Share this post


Link to post
Share on other sites

Yes its going very unsafe

Sent from my SCH-I500 using Tapatalk

Share this post


Link to post
Share on other sites

did it also happen to firefox 4 beat version????

Share this post


Link to post
Share on other sites

Dont worry they can not make Password out of MD5 still its safe !!!!

Share this post


Link to post
Share on other sites

:previous:

Even if it is Unsafe, I won't care much.. But I fear that our friend, Raccoon bhai will come and beat (me as well as Mozilla) here.. :Riendo:

Share this post


Link to post
Share on other sites

Go chrome! The fastest flash and graphics rendering browser on earth, that is, if you trust Google with privacy :P

Share this post


Link to post
Share on other sites

Dont worry they can not make Password out of MD5 still its safe !!!!

Its still unsafe. They can check against a known database of md5 hashes. A lot are available on net. The more characters your password has, the more safe.

Edited by MVP

Share this post


Link to post
Share on other sites

Dont worry they can not make Password out of MD5 still its safe !!!!

Its still unsafe. They can check against a known database of md5 hashes. A lot are available on net. The more characters your password has, the more safe.

That's still quite difficult since passwords are salted first before hashing. Anyway, these are only password to your mozilla addons website - most people would keep different passwords for banking and other sites that matter.

Offcourse, it is their fault the file was posted BUT I really appreciate that they didn't hide the fact and keep silent (no one would have known since only 1 person found it and notified them - most corporates would have kept silent when risk of people coming to know is negligible); but publicly acknowledged their mistake.

Share this post


Link to post
Share on other sites

Here are some tips for choosing a strong password — one that is difficult to guess.

  • Include punctuation marks and/or numbers.
  • Mix capital and lowercase letters.
  • Include similar looking substitutions, such as the number zero for the letter 'O' or '$' for the letter 'S'.
  • Create a unique acronym.
  • Include phonetic replacements, such as 'Luv 2 Laf' for 'Love to Laugh'.

Things to avoid:

  • Don't use computers at Internet cafes or in hotel business centers to access any site requiring a login. Period. No exceptions. Internet cafes and hotel businesses are rife with adware, spyware, keyloggers and assorted other malware which likely will not be visible to the naked eye.
  • Don't use the default password assigned to you unless it's a hard requirement. Some ISPs, for example, pre-configure the account with a username and password combination. You might not be able to change the username, but you definitely should be able to change the password.
  • Don't reveal your passwords to others. If someone absolutely must have access to your account, change the password before you grant them access, then change it again after their access is no longer required.

Courtesy : The Internet

Share this post


Link to post
Share on other sites

:previous:

Even if it is Unsafe, I won't care much.. But I fear that our friend, Raccoon bhai will come and beat (me as well as Mozilla) here.. :Riendo:

Lol! Even if something does not affect you directly, its never wise to think that it won't affect you indirectly. Everything is connected.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

Sign in to follow this  

×