Check to see if your login is compromised

S0litaire

Just a quick warning and some good housekeeping

I got an email form Amazon last night saying it found my login email address on a list of compromised accounts (the compromised list was NOT directly Amazon related) but since the login address was the same, they reset my password as a precaution and asked me to login and use the "recover my password" option to change my password.

I checked with Amazon customer support and the email IS legit. As a security precaution they have started to check the Users logins against known lists of compromised accounts which can be found on the internet.

Seems their was a couple of hacks over Christmas, I think Dropbox (not sure) and a few other sites were hit.

Now I found a site called https://www.pwnedlist.com they have a free service that lets you log 3 email addresses to check and will alert you if they ever pop up on any on a list of compromised accounts. This is the company behind "LastPass Sentry" feature in Lastpass.
Other sites that do something like this are:
https://haveibeenpwned.com/
https://breachalarm.com/

I put my Amazon email in and it popped up in 4 places:
One of them was sort of OK since the password associated with it was encrypted. (it was a forum site which I changed the password ages ago before i cancelled the account on the forum)
The other was from the Adobe hack a few months ago and the password was stored in plaintext!?! (I changed this password when the Adobe hack was announced!)
The last 2 looked like they were scrapped from the adobe list.

It's a good reminder to keep an eye on your email addresses and change passwords regularly! Saying that I've just checked the Username / passwords stored on my browser and found out of the 1000 logins over 100 are using the compromised Username and password. >_< most are old sites that either closed down years ago or have no personal information but a few might. >_<

So I'll be spending most of they day going through the 100+ accounts and making sure the passwords are changed. (if the sites still exist!)

tronator

S0litaire wrote: »

I got an email form Amazon last night saying it found my login email address on a list of compromised accounts (the compromised list was NOT directly Amazon related) but since the login address was the same, they reset my password as a precaution and asked me to login and use the "recover my password" option to change my password.

One more reason for having your own domain and having different email addresses for every single login.

kwikbreaks

I found using a wildcard name on domain emails resulted in spam so reverted to just using a few names with each domain.

I am guilty of using the same email on multiple sites though. I sould probably use disposable emails such as https://www.guerrillamail.com/ for signups and the like but for the most part cba.

I put my 3 most commonly used emails in pwnedlist and am happy that I don't have to spend all day changing passwords as there was nothing reported.

Hedgehog99

I had some spam like this supposedly from Amazon this week, but "view source" revealed otherwise. I'd be very wary of sites offering to check for me - they're probably collecting valid email addresses (because why would someone be concerned about a fake email address?) so they can send them more spam!

S0litaire

tronator wrote: »

One more reason for having your own domain and having different email addresses for every single login.

Oddly enough I do have my own domain name (well a few) the compromised one is my oldest and the one I mainly use for forums and non important sites! Over 10 years worth of logins mount up

S0litaire

Hedgehog99 wrote: »

I had some spam like this supposedly from Amazon this week, but "view source" revealed otherwise. I'd be very wary of sites offering to check for me - they're probably collecting valid email addresses (because why would someone be concerned about a fake email address?) so they can send them more spam!

The main one I wrote about in my post works with LastPass so they are not that much of a risk.

It's also a good way of alerting you if one of your main email addresses (I.e. the one you use to log in to your online email for instance) is compromised in some way if the host is attacked.

Strider590

Personally I use 4 different email addresses and NEVER use the same password.

Most of my passwords are stored by my browser under a master password, except for anything money related like online banking and Paypal.

bod1467

It was last discovered approximately 1 years ago, on 2013-11-11.

Oh noes!!!

tronator

kwikbreaks wrote: »

I found using a wildcard name on domain emails resulted in spam so reverted to just using a few names with each domain.

The trick is to create a subdomain and set up the catchall there. It's highly unlikely someone guesses the name of the subdomain as it is not in the whois database.

S0litaire wrote: »

Oddly enough I do have my own domain name (well a few) the compromised one is my oldest and the one I mainly use for forums and non important sites! Over 10 years worth of logins mount up

See above. I have a different email for every website.

abibee

Changed my Amazon pass in the New Year, after I saw a news item about possible breach for them.
Are multiple e-mail accounts any wiser than just having seperate strong passwords for every site (and your e-mail account), with LastPass? I have passwords 12 to 16 characters, mixed random upper/lower case and numbers.

tronator

abibee wrote: »

Changed my Amazon pass in the New Year, after I saw a news item about possible breach for them.
Are multiple e-mail accounts any wiser than just having seperate strong passwords for every site (and your e-mail account), with LastPass? I have passwords 12 to 16 characters, mixed random upper/lower case and numbers.

I would think so because the attacker has to guess both, the email AND the password.

Having different emails also has the advantage that you know who leaked your email address to spammers. Then just create a filter for that email address.