hypird Posted February 10, 2019 Share Posted February 10, 2019 Google's new tool says there has been databreach with mygnrforum. What is up with that? https://security.googleblog.com/2019/02/protect-your-accounts-from-data.html Quote Link to comment Share on other sites More sharing options...
highvoltage Posted February 10, 2019 Share Posted February 10, 2019 Google's tool is telling you that a password you use for mygnrforum (and potentially other websites) has been found in a breach. It's not saying that it was breached here. You should change that password here and anywhere else you are currently using it. If you are curious where it was breached, you can check your email address here: https://haveibeenpwned.com/ They also provide a password checker here: https://haveibeenpwned.com/Passwords 1 1 Quote Link to comment Share on other sites More sharing options...
hypird Posted February 12, 2019 Author Share Posted February 12, 2019 (edited) On 11.2.2019 at 12:48 AM, highvoltage said: Google's tool is telling you that a password you use for mygnrforum (and potentially other websites) has been found in a breach. It's not saying that it was breached here. You should change that password here and anywhere else you are currently using it. If you are curious where it was breached, you can check your email address here: https://haveibeenpwned.com/ They also provide a password checker here: https://haveibeenpwned.com/Passwords No it specifically said mygnrforum.com is known to have data breach. It didn't warn me about my pasword or username, it said this site has had databreach. My email is not found in those databases Edited February 12, 2019 by hypird Quote Link to comment Share on other sites More sharing options...
highvoltage Posted February 13, 2019 Share Posted February 13, 2019 16 hours ago, hypird said: No it specifically said mygnrforum.com is known to have data breach. It didn't warn me about my pasword or username, it said this site has had databreach. My email is not found in those databases With respect, that is not what the tool does. From the link you posted: Quote Whenever you sign in to a site, Password Checkup will trigger a warning if the username and password you use is one of over 4 billion credentials that Google knows to be unsafe. It's only checking the credentials you're using on a website, not the website itself. To demonstrate, I tried logging in here with "highvoltage/password123" (something known to be unsafe). Here is the error it throws up: It does say "mygnrforum.com" in the error - but the error itself references an unsafe password, not an unsafe website. I can see why you would be confused. Your email address might not appear in the databases, but I would hazard a guess your password does if you check it here: https://haveibeenpwned.com/Passwords 1 1 Quote Link to comment Share on other sites More sharing options...
31illusions Posted February 18, 2019 Share Posted February 18, 2019 Every time I sign in or change my password it says "Connections are not secure and logins can be compromised." Looks like the forum is unsafe. Quote Link to comment Share on other sites More sharing options...
highvoltage Posted February 18, 2019 Share Posted February 18, 2019 1 hour ago, 31illusions said: Every time I sign in or change my password it says "Connections are not secure and logins can be compromised." Looks like the forum is unsafe. It's safe, though we really need to add an SSL certificate at the back end. This will allow access to the site over https:// and give us the "secure connections" green tick. These generally cost money, but Invision might give us one for free if we open a ticket via the client area @downzy. Seems like it's free on the 200 user plan and above. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.