Skip to main content

There was an unexpected issue forwarding you to "Twitter" for authentication. Please try again later.

Replies sorted oldest to newest

Enthusiastic Contrafibularities posted:


Just a quick question.


How do we know the checking site is legit and if they are not 'scooping' email addresses.??

A very valid question and one that had crossed my mind before I posted above. The site was created in December 2013 by Troy Hunt, a web security expert.
The site has been in the papers before, for instance in the Mail in December 2015

Note that the site is an https one indicating that the data you submit to it is sent more securely than a http site.

El Loro
El Loro posted:

I also checked the email address of someone I know where I've had spam emails supposedly from them in the past and the site did confirm that their email address had been identified as at risk.

I checked my works email first. 

Then I made one up very similar and it came up clean, so I figure from that small test it seems to be working as described.


My personal ones all came up pwned. So I guess for safeguarding purposes I will get onto a known clean device (I have a ghost image of my computer) and reset some of my pa55w0rd5.


Enthusiastic Contrafibularities
Saint posted:
Enthusiastic Contrafibularities posted:
Saint posted:

Passy changed 

I'm going one further and changing some of my website passwords like GaGaJoyJoy for example.

They could steal your flounce

Imagine that !!!

My new password for GGJJ is based on a SHA512 Hash.





Enthusiastic Contrafibularities
Saint posted:



All I can reveal is that he has half a pink lip and half a brown lip LOL

I'm fed up having to change all these ruddy passwords

I forget what I chose

Ah! So it's 'halfpinkhalfbrown' . Now just to work out where the Capital letter(s) is/are and what the numbers are and whether there are 'special characters'.........back in a jiffy!

Extremely Fluffy Fluffy Thing

Thanks for posting this thread, El Loro. As some of you will know, I've been on holiday and without internet access, so there's little I could do about this until now.


A colleague informed me about haveibeenpwnd a while back and I was "clean" then, but it looks like this latest hack has finally caught me - so: new password time...  

My lesser-used address is still clean, but I see my work email has finally been pwnd too - not that I'll be the only one there.   Quite a few colleagues were caught in previous hacks, so I'll probably check a few other addresses, but wait till I'm back at work and able to see what action IT are taking before I escalate things (needless to say, company policy enforces 90-day password changes, and I'm due soon anyway).


Eugene's Lair

Add Reply

Link copied to your clipboard.