Faceplams Faceplams:  0
Results 1 to 12 of 12

Thread: Nintourhistory hacked

  1. #1
    Join Date
    Dec 2011
    Location
    Tynemouth, England
    Posts
    1,844
    Mentioned
    29 Post(s)

    Nintourhistory hacked

    This morning I received notification that an email of mine was found in one of the leaked collections of accounts that are consolidated by the excellent service “haveibeenpwned.com”

    When I checked the details, one of the addresses concerned was one that I had generated and provided only to nintourhistory (I generate new unique email addresses for every web service I sign up to; that way I can individually block them and also track where my data is going)

    Unfortunate I believe that the most likely explanation is that the nintourhistory account database has been leaked/compromised/stolen. The collection that has that data within it is this one :
    https://haveibeenpwned.com/PwnedWebsites#Collection1

    If you had provided personal data to nintourhistory consider changing any shared passwords (and then get a password manager like 1Password and stop reusing passwords).

  2. #2
    Join Date
    Dec 2011
    Location
    Austin, TX 24.24.1.400[Inc]
    Posts
    359
    Mentioned
    4 Post(s)
    Thoughts on 1Password (3rd party review) vs Dashlane? I'm using a mix of mac, windows(locked down by the employer), chrome, IE, and iphones and would like to run 2 accounts. I'm curious how easy usage is across those platforms.
    Last edited by ekrekel; 01-17-2019 at 11:15 AM.

  3. #3
    Join Date
    Dec 2018
    Posts
    174
    Mentioned
    2 Post(s)
    Bummer, man. Changed my password.

  4. #4
    Join Date
    Jul 2013
    Posts
    325
    Mentioned
    7 Post(s)
    I didn't get a notification for this particular hack so I checked manually and, for what it's worth, my email used on ninhistory didn't ping. I changed my password anyway just to be sure.

    Edit: Obviously this doesn't apply to ninhistory but, as a general rule, activate two-factor authentication on any of your accounts that support it...especially your primary email.
    Last edited by cdm; 01-17-2019 at 11:06 AM.

  5. #5
    Join Date
    Dec 2011
    Location
    Berlin
    Posts
    436
    Mentioned
    15 Post(s)
    Quote Originally Posted by ekrekel View Post
    Thoughts on 1Password (3rd party review) vs Dashlane? I'm using a mix of mac, windows(locked down by the employer), chrome, IE, and iphones and would like to run 2 accounts. I'm curious how easy usage is across those platforms.
    I'm personally using Bitwarden, as it's Open Source and recently passed a third-party security audit. Oh and it's also cross platform and free. But it's up to you to decide who you trust the most (which, essentially, it comes down to Open Source design vs proprietary services).

  6. #6
    Join Date
    Nov 2011
    Location
    Calgary, AB
    Posts
    364
    Mentioned
    4 Post(s)
    The website should also have a http redirect to https. If you just manually type in nintourhistory.com, it'll default to the http page, which will send all username/password info in plain text.

  7. #7
    Join Date
    Nov 2011
    Location
    Ontario
    Posts
    1,775
    Mentioned
    41 Post(s)
    Quote Originally Posted by ekrekel View Post
    Thoughts on 1Password (3rd party review) vs Dashlane? I'm using a mix of mac, windows(locked down by the employer), chrome, IE, and iphones and would like to run 2 accounts. I'm curious how easy usage is across those platforms.
    Not sure about those but I use LastPass and so far I haven't had any issues with it, i use the extension for Chrome on Windows and then i also have the Android app on my phone. I think i tried the iOS app for it on my iPod Touch but it's been a while since I've even had the thing charged up and can't remember if there were any drawbacks or not.

    There's also a great offline tool LastPass has that you can put on a USB key to archive all your passwords if you just want them handy, of course the Android app has an offline mode as well that you just have to remember to enable if you're intending to use it that way.

  8. #8
    Join Date
    Dec 2011
    Location
    Ontari-ari-ario
    Posts
    3,631
    Mentioned
    151 Post(s)
    ^ This. There's a fee for use, but LastPass is worth it, for my peace of mind anyway.

  9. #9
    Join Date
    Feb 2012
    Location
    Denver, CO
    Posts
    415
    Mentioned
    11 Post(s)
    Quote Originally Posted by botley View Post
    ^ This. There's a fee for use, but LastPass is worth it, for my peace of mind anyway.
    There's a free tier but I think it's limited somehow and regardless, it's worth $2/mo for premium or $4/mo to upgrade to the "Family" plan to share passwords with spouses or other important family members. Been using LastPass for years and love it. Make sure you keep track of your master password because there's no way to recover it in the event you forget it.

    And I recommend using multi-word song titles with a character or two capitalized, others swapped out for numbers, and then a special character or two as well. Easier to remember and just as difficult to guess or get via brute force attacks. Then set LastPass to use 16 characters with mixed case, numbers, and special characters. You'll have super strong passwords you never have to remember! Android integration is great. A quick fingerprint confirmation and it pops credentials into Chrome and any app you have installed with corresponding credentials stored.

    LastPass is the shit.

  10. #10
    Join Date
    Dec 2016
    Location
    London
    Posts
    1,098
    Mentioned
    8 Post(s)
    Been considering getting a password tingy (i did check my email and it did get a ping, but none of my passwords were up there, and EVERYTHING i use has a different password...but its a lot harder to maintain and bothersome to change them all every few months) might check out LastPass

  11. #11
    Join Date
    Jul 2013
    Posts
    325
    Mentioned
    7 Post(s)
    Quote Originally Posted by Haysey View Post
    Been considering getting a password tingy (i did check my email and it did get a ping, but none of my passwords were up there, and EVERYTHING i use has a different password...but its a lot harder to maintain and bothersome to change them all every few months) might check out LastPass
    I use the free version of LastPass and it does everything I need. Using it on mobile prior to the iOS integration was really cumbersome but now that they've added support...really great. I assume Android is similar.

  12. #12
    Join Date
    Dec 2011
    Location
    Tynemouth, England
    Posts
    1,844
    Mentioned
    29 Post(s)
    I used to use 1password and I can also recommend it. I only stopped when I moved off Mac.

Posting Permissions