1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

What is up with all the people from 2010 suddenly appearing

Discussion in 'BlackHat Lounge' started by neweaver, Aug 30, 2014.

  1. neweaver

    neweaver Regular Member

    Joined:
    Feb 12, 2013
    Messages:
    313
    Likes Received:
    167
    Kinda odd. I wouldn't ever remember my password for an account made four years ago that I never used lol
     
  2. Jared255

    Jared255 Jr. Executive VIP Jr. VIP Premium Member

    Joined:
    May 10, 2009
    Messages:
    1,907
    Likes Received:
    1,662
    Location:
    Boston, MA
    I use the same password for all my accounts (paddyspub) so I can always know what my login is without taking the time to reset it and check my email.
     
    • Thanks Thanks x 1
  3. Methodone

    Methodone Junior Member

    Joined:
    Oct 10, 2012
    Messages:
    108
    Likes Received:
    25
    Location:
    Israel
    Same here, I use 5 different passwords in different tiers of the net.
     
  4. neweaver

    neweaver Regular Member

    Joined:
    Feb 12, 2013
    Messages:
    313
    Likes Received:
    167
    Wonder how many people are going to try to log into your account now lol.
     
  5. carrotts

    carrotts Newbie

    Joined:
    Feb 11, 2013
    Messages:
    10
    Likes Received:
    9
    Location:
    UK
    The thing is that you have to change your password every 5 minutes for BHW. Or is that just me?
     
  6. Pringles

    Pringles Jr. VIP Jr. VIP

    Joined:
    Dec 31, 2009
    Messages:
    264
    Likes Received:
    94
    lastpass.com is pretty awesome... I have only been MIA for about 8-10 months though, not 4 years.
     
  7. Asif WILSON Khan

    Asif WILSON Khan Executive VIP Premium Member

    Joined:
    Nov 10, 2012
    Messages:
    10,112
    Likes Received:
    28,526
    Gender:
    Male
    Occupation:
    Fun Lovin' Criminal
    Location:
    London
    Home Page:
    A certain number will be genuine but a lot of those old account are bought and sold and if you look at the hacking attempts on BHW they usually target old accounts.

    http://www.blackhatworld.com/blackh...someone-looking-hack-into-my-bhw-account.html
    http://www.blackhatworld.com/blackh...dback/691468-my-bhw-account-under-attack.html
    http://www.blackhatworld.com/blackh.../691581-someones-trying-hack-into-forums.html

    All a hacker has to do is scrape all accounts from 2010 then sort them by the last accessed date.
    This should give them a list of a few thousand accounts, they then set their cracker to try each account 4 times per day.
    As they are not hitting the 5 a day lockout it should not draw too much attention.
    As some people use weak passwords they should be able to crack at least a couple of accounts per day.

    ^^^^This has been simplified but that would be the general process.

    That is why I think ALL accounts that haven't been accessed for 18 months or longer should be locked.
     
    • Thanks Thanks x 7
  8. neweaver

    neweaver Regular Member

    Joined:
    Feb 12, 2013
    Messages:
    313
    Likes Received:
    167
    That is true or automatically reset the password after so many days of inactivity so they have to click a link in their e-mail.

    The simplest thing would be to make passwords more complex. Requiring passwords to require uppercase, numbers, and special characters that can't be in a form of a name or common word to make the hacking attempt less successful.

     
  9. Zwielicht

    Zwielicht Moderator in Training Jr. VIP Premium Member

    Joined:
    Aug 31, 2013
    Messages:
    3,815
    Likes Received:
    6,734
    Gender:
    Male
    Occupation:
    Liquidator
    Location:
    Riverside County, California
    Home Page:
    I'm the only person insane enough to have over 100 different passwords consisting of numbers, letters (capital and lowercase), and punctuations. Luckily for me, I remember all of them and can access any e-mail or forum account that I've created.