Data Breach?

mikejay

Full Member
Posts
609
Likes
450
Not sure if this is the right forum to post this in. But I have just had google alert me that my passwords for the other sites associated with wildcamping have been compromised due to a data breach. Have also posted this on the other website.

Mike
3160.jpg
 
Hi Mike,

Thanks for raising this — I completely understand why Google’s warning would be worrying.

To reassure everyone: this does not mean Motorhomer.com, Wild Camping, or any associated site has had a data breach.

What Google is saying is that a password saved in your Google Password Manager has appeared in a known data breach somewhere on the internet. Because Google can see that you have used that same password for Motorhomer.com and other related sites, it is warning you to change it there as well.

A few important points:
  • There is no evidence of a breach on Motorhomer.com or our associated sites.
  • Google’s warning does not say that Motorhomer.com was the breached site.
  • It means the same password has likely been used elsewhere and has become compromised.
  • You should change your password on Motorhomer.com, Wild Camping, and anywhere else you have used that same password.
  • It is always best to use a different password for every website.
  • Passwords are not stored in the forum database.
  • We store the data as secure password hashes.

So, in simple terms: Google is warning that your password has been found in a breach somewhere, not that this forum has been breached.

For safety, please change the affected password and avoid reusing the same password across multiple websites.

Thanks,
Phil
 
I have a tip to have a memorable password that is different for every website.

Think of a line from a favourite song or film. For example, 'I'm dreaming of a white Christmas' Something longer is better, but this illustrates the point.

Take the first letter of each word, so idoawc. To make it more secure, change the letter i to the number 1 or an exclamation mark, the o to the number 0, the a to the symbol @. You then have 1d0@wc or !do@wc. To complete it and make it different for each website, end it (or start it) with something that relates to the site; the obvious being wc for here, mh for motorhomer, MS for Marks and Spencer etc.

Voila. A memorable, different and unguessable password for every site.
 
Always use different passords on sites, also a good idea to run vivaldi with free vpn, also brave or firefox, getting tight these days to be secure.
 
I have a tip to have a memorable password that is different for every website.

Think of a line from a favourite song or film. For example, 'I'm dreaming of a white Christmas' Something longer is better, but this illustrates the point.

Take the first letter of each word, so idoawc. To make it more secure, change the letter i to the number 1 or an exclamation mark, the o to the number 0, the a to the symbol @. You then have 1d0@wc or !do@wc. To complete it and make it different for each website, end it (or start it) with something that relates to the site; the obvious being wc for here, mh for motorhomer, MS for Marks and Spencer etc.

Voila. A memorable, different and unguessable password for every site.
I'm sure that's a great tip Jo , for some .
Unfortunately I got lost halfway through the 3rd paragraph !
 
I use a similar idea for credit/debit card which are all 4 numbers, and have 16 numbers to play with, jsut pick 1 from each block in any order you prefer, yes it could be hacked, eventually, but so could your birth date by a family member or friend.
 
I used to visit clients sites to address issues with software we had developed.
I would tell the client to change their password, then I would sign on using the new password, when I finished I would tell them to change the password again.
This enabled me to sign on as the client and thus experience the same things the client did.

On one visit the conversation went something like this...
Me: Have your changed the password
Client : Yes

Me: What is the new password?
Client: Yes

Me: Sorry, What is the password?
Client: True

Me: (typing TRUE, and getting "Wrong Password"): What case it it?
Client: Lower

Me: (typing true, and getting "Wrong Password"): I must have misheard you ... What is the password?
Client: True

Me: Could you spell that for me phonetically?
Client: Whiskey Hotel Alpha Tango

Exit client (giggling)
 
Last edited:
iOS / Mac generate secure passwords automatically (you need to turn the function on) and share them across all your devices.

In this way you don’t even know the password yourself. All devices use face recognition and or pin combination on the devise to sign in on your behalf, it them updates them periodically.

I only use generic passwords for sites that have no access to personal information, on such sites (including this one) I use a set of personal information that just isn’t true. That includes name, address and dob etc.

I then run a vpn in the background that shows my location etc, but again not the real details.

Password generators are almost certainly available for windows etc also, but I’ve no experience of windows or other operating systems.

I never use a credit card or bank details on the internet always apple pay only.
 
I use a similar idea for credit/debit card which are all 4 numbers, and have 16 numbers to play with, jsut pick 1 from each block in any order you prefer, yes it could be hacked, eventually, but so could your birth date by a family member or friend.
Family member lives in small village full of oldies .
Post Office has a list behind counter, name and pin number
 
iOS / Mac generate secure passwords automatically (you need to turn the function on) and share them across all your devices.

In this way you don’t even know the password yourself. All devices use face recognition and or pin combination on the devise to sign in on your behalf, it them updates them periodically.

I only use generic passwords for sites that have no access to personal information, on such sites (including this one) I use a set of personal information that just isn’t true. That includes name, address and dob etc.

I then run a vpn in the background that shows my location etc, but again not the real details.

Password generators are almost certainly available for windows etc also, but I’ve no experience of windows or other operating systems.

I never use a credit card or bank details on the internet always apple pay only.
Yes, there are numerous password managers that will generate random passwords and synchronise them across devices. A problem arises when there is an issue with the password manager's server and it won't let you log in. Some will allow offline login, which will enable you to use passwords stored locally under these circumstances, but obviously without synchronising across devices.
 
Back
Top