[Coco] hacker Hunt-Down Status
Phill Harvey-Smith
afra at aurigae.demon.co.uk
Sat Dec 2 21:10:08 EST 2006
Roger Taylor wrote:
> At 02:30 PM 12/2/2006, you wrote:
>> Roger, do you think the ID and password list was compromised? Should we
>> change our forum passwords?
>
> No, the passwords are encrypted in the MySQL database, so they cannot
> be seen. However, you know it's a standard practice to change all of
> your passwords periodically, so I would say Yes, do that just for good safety.
Also bear in mind depending on the encryption method used, if the
database had been dumped out, it may be feasible to crack the passwords.
I would say even if you don't think the data was lifted, that you should
change your passwords as you can never be 100% sure of what an intruder
has or has not copied.
Phill.
--
Phill Harvey-Smith, Programmer, Hardware hacker, and general eccentric !
"You can twist perceptions, but reality won't budge" -- Rush.
More information about the Coco
mailing list