Jump to content
Reliance Jio & Reliance Mobile Discussion Forums
Sign in to follow this  
Followers 0
Honest

Mozilla Accidentally Posts Usernames And Passwords

By Honest, in General Technical Discussion

Recommended Posts

Honest    836

Honest
Posted

113976_matter.jpg

Mozilla Accidentally Posts Usernames and Passwords

Deletes all user passwords and requests users to reset the same

Registered users of Mozilla's add-on website addons.mozilla.org are in for a rude shock. The said users received a message from Mozilla that it had inadvertently exposed their usernames and encrypted passwords. This occurred after the browser giant posted a file containing email addresses, first and last names, and an md5 hash representation of user passwords on a publicly available web server.

The website is an official platform for hosting add-ons related to Mozilla products like Firefox, Thunderbird, and SeaMonkey. As damage control, Mozilla erased all user passwords and has requested users to manually reset the same. It has also implored its users to do the same for any other websites where they may have used the same password. This breach is serious because Mozilla took action only after being informed about the leak by a third party.

We know Mozilla's all for open source, but open source passwords is stretching things too far.

Courtesy : Techtree

Share this post

Link to post
Share on other sites

parin    857

parin
Posted

Yes its going very unsafe

Sent from my SCH-I500 using Tapatalk

Share this post

Link to post
Share on other sites

_Kailash_    63

_Kailash_
Posted

did it also happen to firefox 4 beat version????

Share this post

Link to post
Share on other sites

HetalDP    947

HetalDP
Posted

Dont worry they can not make Password out of MD5 still its safe !!!!

Share this post

Link to post
Share on other sites

KanagaDeepan    1,084

KanagaDeepan
Posted

:previous:

Even if it is Unsafe, I won't care much.. But I fear that our friend, Raccoon bhai will come and beat (me as well as Mozilla) here.. :Riendo:

Share this post

Link to post
Share on other sites

Karthik R    246

Karthik R
Posted

Go chrome! The fastest flash and graphics rendering browser on earth, that is, if you trust Google with privacy :P

Share this post

Link to post
Share on other sites

MVP    3

MVP
Posted (edited)

Dont worry they can not make Password out of MD5 still its safe !!!!

Its still unsafe. They can check against a known database of md5 hashes. A lot are available on net. The more characters your password has, the more safe.

Edited by MVP

Share this post

Link to post
Share on other sites

ami1    237

ami1
Posted

Dont worry they can not make Password out of MD5 still its safe !!!!

Its still unsafe. They can check against a known database of md5 hashes. A lot are available on net. The more characters your password has, the more safe.

That's still quite difficult since passwords are salted first before hashing. Anyway, these are only password to your mozilla addons website - most people would keep different passwords for banking and other sites that matter.

Offcourse, it is their fault the file was posted BUT I really appreciate that they didn't hide the fact and keep silent (no one would have known since only 1 person found it and notified them - most corporates would have kept silent when risk of people coming to know is negligible); but publicly acknowledged their mistake.

Share this post

Link to post
Share on other sites

Karthik R    246

Karthik R
Posted

Here are some tips for choosing a strong password — one that is difficult to guess.

  • Include punctuation marks and/or numbers.
  • Mix capital and lowercase letters.
  • Include similar looking substitutions, such as the number zero for the letter 'O' or '$' for the letter 'S'.
  • Create a unique acronym.
  • Include phonetic replacements, such as 'Luv 2 Laf' for 'Love to Laugh'.

Things to avoid:

  • Don't use computers at Internet cafes or in hotel business centers to access any site requiring a login. Period. No exceptions. Internet cafes and hotel businesses are rife with adware, spyware, keyloggers and assorted other malware which likely will not be visible to the naked eye.
  • Don't use the default password assigned to you unless it's a hard requirement. Some ISPs, for example, pre-configure the account with a username and password combination. You might not be able to change the username, but you definitely should be able to change the password.
  • Don't reveal your passwords to others. If someone absolutely must have access to your account, change the password before you grant them access, then change it again after their access is no longer required.

Courtesy : The Internet

Share this post

Link to post
Share on other sites

raccoon    53

raccoon
Posted

:previous:

Even if it is Unsafe, I won't care much.. But I fear that our friend, Raccoon bhai will come and beat (me as well as Mozilla) here.. :Riendo:

Lol! Even if something does not affect you directly, its never wise to think that it won't affect you indirectly. Everything is connected.

Share this post

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this  
Followers 0
Go To Topic Listing General Technical Discussion
×