If you have a Disqus account, you make the head. The company that offers the comments system deported are found all over the Web, confirmed that hackers had stolen 17.5 million user profiles during an intrusion in 2012. Intrusion that unfortunately has been detected this
year.
This makes a little more than 5 years, your password, your email and your username Disqus walking in nature. In addition, passwords are salted and hashe in SHA-1, known since 2005 as being safer.
An attacker who retrieves your Disqus account could pretend for you, leave comments in your name all over the Web. However Disqus forced the reset passwords, after reviewing the problem, so the risk is controlled.
But beyond that, if the password that you use for Disqus, is also a password that you use elsewhere (for example, your mail box), change it quickly, because you can think of as completely grilled.
To see if your email is among the accounts hacked to Disqus in 2012, date on Have I Been Pwned.
Regarding your password policy, what I can recommend, is to stop using passwords that you can remember, as you tend eventually to use the same everywhere (or simple variations to guess). The best thing is to rest on a password manager that brings security guarantees (zeroknowledge, double authentication factor... etc) and that will allow you to generate for each web site of unique passwords that you won't have to remember.
Did you like this article ? Then share it with your friends by clicking on the buttons below:
No comments: