What is up with all the people from 2010 suddenly appearing

Discussion in 'BlackHat Lounge' started by neweaver, Aug 30, 2014.

  1. neweaver

    neweaver Regular Member

    Joined:
    Feb 12, 2013
    Messages:
    331
    Likes Received:
    176
    Kinda odd. I wouldn't ever remember my password for an account made four years ago that I never used lol
     
  2. Jared255

    Jared255 Jr. Executive VIP Jr. VIP Premium Member

    Joined:
    May 10, 2009
    Messages:
    2,062
    Likes Received:
    1,967
    Location:
    Boston, MA
    I use the same password for all my accounts (paddyspub) so I can always know what my login is without taking the time to reset it and check my email.
     
    • Thanks Thanks x 1
  3. Methodone

    Methodone Junior Member

    Joined:
    Oct 10, 2012
    Messages:
    115
    Likes Received:
    27
    Location:
    KFC
    Same here, I use 5 different passwords in different tiers of the net.
     
  4. neweaver

    neweaver Regular Member

    Joined:
    Feb 12, 2013
    Messages:
    331
    Likes Received:
    176
    Wonder how many people are going to try to log into your account now lol.
     
  5. carrotts

    carrotts Newbie

    Joined:
    Feb 11, 2013
    Messages:
    14
    Likes Received:
    12
    Location:
    UK
    The thing is that you have to change your password every 5 minutes for BHW. Or is that just me?
     
  6. Pringles

    Pringles Jr. VIP Jr. VIP

    Joined:
    Dec 31, 2009
    Messages:
    265
    Likes Received:
    95
    lastpass.com is pretty awesome... I have only been MIA for about 8-10 months though, not 4 years.
     
  7. Asif WILSON Khan

    Asif WILSON Khan OG Blue Tick Exec VIP Jr. VIP

    Joined:
    Nov 10, 2012
    Messages:
    13,862
    Likes Received:
    38,326
    Gender:
    Male
    Occupation:
    Fun Lovin' Criminal
    Location:
    London
    Home Page:
    A certain number will be genuine but a lot of those old account are bought and sold and if you look at the hacking attempts on BHW they usually target old accounts.

    http://www.blackhatworld.com/blackh...someone-looking-hack-into-my-bhw-account.html
    http://www.blackhatworld.com/blackh...dback/691468-my-bhw-account-under-attack.html
    http://www.blackhatworld.com/blackh.../691581-someones-trying-hack-into-forums.html

    All a hacker has to do is scrape all accounts from 2010 then sort them by the last accessed date.
    This should give them a list of a few thousand accounts, they then set their cracker to try each account 4 times per day.
    As they are not hitting the 5 a day lockout it should not draw too much attention.
    As some people use weak passwords they should be able to crack at least a couple of accounts per day.

    ^^^^This has been simplified but that would be the general process.

    That is why I think ALL accounts that haven't been accessed for 18 months or longer should be locked.
     
    • Thanks Thanks x 7
  8. neweaver

    neweaver Regular Member

    Joined:
    Feb 12, 2013
    Messages:
    331
    Likes Received:
    176
    That is true or automatically reset the password after so many days of inactivity so they have to click a link in their e-mail.

    The simplest thing would be to make passwords more complex. Requiring passwords to require uppercase, numbers, and special characters that can't be in a form of a name or common word to make the hacking attempt less successful.

     
  9. Zwielicht

    Zwielicht Super Moderator Staff Member Moderator Jr. VIP

    Joined:
    Aug 31, 2013
    Messages:
    11,272
    Likes Received:
    16,814
    Gender:
    Male
    Occupation:
    Death
    Location:
    Southern California
    Home Page:
    I'm the only person insane enough to have over 100 different passwords consisting of numbers, letters (capital and lowercase), and punctuations. Luckily for me, I remember all of them and can access any e-mail or forum account that I've created.