linux-nerds.org

Your browser does not seem to support JavaScript. As a result, your viewing experience will be diminished, and you have been placed in read-only mode.

Please download a browser that supports JavaScript, or enable it if it's disabled (i.e. NoScript).

16 Billion Apple, Facebook, Google And Other Passwords Leaked — Act Now

Technology

10 Beiträge 7 Kommentatoren 101 Aufrufe

R This user is from outside of this forum
R This user is from outside of this forum
return2ozma@lemmy.world

schrieb am 19. Juni 2025, 20:16 zuletzt editiert von

#1

This post did not contain any content.

16 Billion Apple, Facebook, Google And Other Passwords Leaked

As 16 billion credentials are confirmed as having been leaked, is it time to switch from passwords to passkeys?

Forbes (www.forbes.com)
L T 2 Antworten Letzte Antwort 19. Juni 2025, 21:39

17
R return2ozma@lemmy.world
19. Juni 2025, 20:16

This post did not contain any content.

16 Billion Apple, Facebook, Google And Other Passwords Leaked

As 16 billion credentials are confirmed as having been leaked, is it time to switch from passwords to passkeys?

Forbes (www.forbes.com)
L This user is from outside of this forum
L This user is from outside of this forum
lwd@lemm.ee

schrieb am 19. Juni 2025, 21:39 zuletzt editiert von

#2

What is this article? Besides terrible, I mean. This article is terrible.

First of all, this isn't a new leak. It's not even a combination of old leaks. It's just somebody noticing that a bunch of leaks existed and did an Excel Sum operation on the passwords on them.

According to Vilius Petkauskas at Cybernews, whose researchers have been investigating the leakage since the start of the year, “30 exposed datasets containing from tens of millions to over 3.5 billion records each,” have been discovered. In total, Petkauskas has confirmed, the number of compromised records has now hit 16 billion. Let that sink in for a bit.

And to add insult to injury, the article has this gem:

Is This The GOAT When It Comes To Passwords Leaking?

Password compromise is no joke.

Certainly not with writing like this.
L C T 3 Antworten Letzte Antwort 19. Juni 2025, 22:18

16
L lwd@lemm.ee
19. Juni 2025, 21:39

What is this article? Besides terrible, I mean. This article is terrible.

First of all, this isn't a new leak. It's not even a combination of old leaks. It's just somebody noticing that a bunch of leaks existed and did an Excel Sum operation on the passwords on them.

According to Vilius Petkauskas at Cybernews, whose researchers have been investigating the leakage since the start of the year, “30 exposed datasets containing from tens of millions to over 3.5 billion records each,” have been discovered. In total, Petkauskas has confirmed, the number of compromised records has now hit 16 billion. Let that sink in for a bit.

And to add insult to injury, the article has this gem:

Is This The GOAT When It Comes To Passwords Leaking?

Password compromise is no joke.

Certainly not with writing like this.
L This user is from outside of this forum
L This user is from outside of this forum
ladfrombrad@lemdro.id

schrieb am 19. Juni 2025, 22:18 zuletzt editiert von

#3

Clickbait from Forbes, with not a single mention of 2FA/Two Factor Auth?

Colour me not surprised.
1 Antwort Letzte Antwort

4
R return2ozma@lemmy.world
19. Juni 2025, 20:16

This post did not contain any content.

16 Billion Apple, Facebook, Google And Other Passwords Leaked

As 16 billion credentials are confirmed as having been leaked, is it time to switch from passwords to passkeys?

Forbes (www.forbes.com)
T This user is from outside of this forum
T This user is from outside of this forum
tartarin@reddthat.com

schrieb am 19. Juni 2025, 23:43 zuletzt editiert von

#4

As far as I know, the passwords aren't stored in the databases, it's the hash produced by a one-way function that is stored in the database. Grabbing these is useless.
O 1 Antwort Letzte Antwort 20. Juni 2025, 01:27

0
T tartarin@reddthat.com
19. Juni 2025, 23:43

As far as I know, the passwords aren't stored in the databases, it's the hash produced by a one-way function that is stored in the database. Grabbing these is useless.
O This user is from outside of this forum
O This user is from outside of this forum
orclev@lemmy.world

schrieb am 20. Juni 2025, 01:27 zuletzt editiert von

#5

Hashes can be brute forced, it's just normally too expensive to do so for any reasonably complex password. If you're using "password123" as your password even a hashed password is easily cracked (salting and peppering can help make this more difficult, although still not impossible).
T 1 Antwort Letzte Antwort 20. Juni 2025, 04:13

0
L lwd@lemm.ee
19. Juni 2025, 21:39

What is this article? Besides terrible, I mean. This article is terrible.

First of all, this isn't a new leak. It's not even a combination of old leaks. It's just somebody noticing that a bunch of leaks existed and did an Excel Sum operation on the passwords on them.

According to Vilius Petkauskas at Cybernews, whose researchers have been investigating the leakage since the start of the year, “30 exposed datasets containing from tens of millions to over 3.5 billion records each,” have been discovered. In total, Petkauskas has confirmed, the number of compromised records has now hit 16 billion. Let that sink in for a bit.

And to add insult to injury, the article has this gem:

Is This The GOAT When It Comes To Passwords Leaking?

Password compromise is no joke.

Certainly not with writing like this.
C This user is from outside of this forum
C This user is from outside of this forum
cyclist@lemmy.world

schrieb am 20. Juni 2025, 02:09 zuletzt editiert von

#6

And spelling mistakes in an article from Forbes? Total garbage.
1 Antwort Letzte Antwort

0
O orclev@lemmy.world
20. Juni 2025, 01:27

Hashes can be brute forced, it's just normally too expensive to do so for any reasonably complex password. If you're using "password123" as your password even a hashed password is easily cracked (salting and peppering can help make this more difficult, although still not impossible).
T This user is from outside of this forum
T This user is from outside of this forum
tartarin@reddthat.com

schrieb am 20. Juni 2025, 04:13 zuletzt editiert von

#7

I'm perfectly aware anything can be brute forced and that's why it doesn't worth to mention. Now, the amount of resources required to brute force a hashed password has nothing to do with the complexity of the password. No matter what the password is, the hash will have a fixed length and appear as a random sequence of bytes. Otherwise you are not doing it properly.

The complexity of the password has something to do with guessing the password from dictionary or known most common passwords.
O 1 Antwort Letzte Antwort 20. Juni 2025, 10:49

0
L lwd@lemm.ee
19. Juni 2025, 21:39

What is this article? Besides terrible, I mean. This article is terrible.

First of all, this isn't a new leak. It's not even a combination of old leaks. It's just somebody noticing that a bunch of leaks existed and did an Excel Sum operation on the passwords on them.

According to Vilius Petkauskas at Cybernews, whose researchers have been investigating the leakage since the start of the year, “30 exposed datasets containing from tens of millions to over 3.5 billion records each,” have been discovered. In total, Petkauskas has confirmed, the number of compromised records has now hit 16 billion. Let that sink in for a bit.

And to add insult to injury, the article has this gem:

Is This The GOAT When It Comes To Passwords Leaking?

Password compromise is no joke.

Certainly not with writing like this.
T This user is from outside of this forum
T This user is from outside of this forum
tregetour@lemdro.id

schrieb am 20. Juni 2025, 08:31 zuletzt editiert von

#8

https://news.ycombinator.com/item?id=41590466
https://larslofgren.com/forbes-marketplace/

tldr OP shouldn't be posting Forbes articles
1 Antwort Letzte Antwort

0
T tartarin@reddthat.com
20. Juni 2025, 04:13

I'm perfectly aware anything can be brute forced and that's why it doesn't worth to mention. Now, the amount of resources required to brute force a hashed password has nothing to do with the complexity of the password. No matter what the password is, the hash will have a fixed length and appear as a random sequence of bytes. Otherwise you are not doing it properly.

The complexity of the password has something to do with guessing the password from dictionary or known most common passwords.
O This user is from outside of this forum
O This user is from outside of this forum
orclev@lemmy.world

schrieb am 20. Juni 2025, 10:49 zuletzt editiert von orclev@lemmy.world

#9

Kind of both. The modern way of brute forcing is to just hash the 100,000 or so most common passwords, previously leaked passwords, and minor permutations of all of the above. It's computationally and space intensive, but for a determined attacker entirely doable on modern hardware. That's why complexity matters, because it's not a simple iteration through every possible permutation, but a targeted search through a known password list.
T 1 Antwort Letzte Antwort 20. Juni 2025, 22:18

0
O orclev@lemmy.world
20. Juni 2025, 10:49

Kind of both. The modern way of brute forcing is to just hash the 100,000 or so most common passwords, previously leaked passwords, and minor permutations of all of the above. It's computationally and space intensive, but for a determined attacker entirely doable on modern hardware. That's why complexity matters, because it's not a simple iteration through every possible permutation, but a targeted search through a known password list.
T This user is from outside of this forum
T This user is from outside of this forum
tartarin@reddthat.com

schrieb am 20. Juni 2025, 22:18 zuletzt editiert von

#10

That's why it's not brute force anymore.
1 Antwort Letzte Antwort

0

Anmelden zum Antworten

9/10

20. Juni 2025, 10:49

M

YouTube just quietly blocked Adblock Plus — the internet hasn't noticed yet, but I've found a workaround
Beobachtet Ignoriert Geplant Angeheftet Gesperrt Verschoben Technology technology
10 vor 5 Tagen
vor 10 Tagen
1

653 Stimmen

276 Beiträge

1k Aufrufe

P vor 5 Tagen

yeah, lite is worse, no arguing there Luckily I use Maxthon which stll supports uBlock Oriigin non Lite. When it stopps, Firefox here we go
P

It's 2025, the year we decided we need a widespread slur for robots
Beobachtet Ignoriert Geplant Angeheftet Gesperrt Verschoben Technology technology
10 vor 13 Tagen
vor 16 Tagen

180 Stimmen

81 Beiträge

465 Aufrufe

A vor 13 Tagen

Well you're cranky, aintcha.
A

Peter Thiel Just Accidentally Made a Chilling Admission. Five Decades Ago, One Man Saw It Coming.
Beobachtet Ignoriert Geplant Angeheftet Gesperrt Verschoben Technology technology
10 vor 23 Tagen
vor 24 Tagen
1

152 Stimmen

61 Beiträge

854 Aufrufe

A vor 23 Tagen

That's why I feel like people need to be aware of this, and understand there are Republicans and Democrats taking Thiel's money. It doesn't matter how he gets there, this is his ultimate goal. He would prefer the far right Nazi way, but if he has to hide behind a moderate Democrat he'll do that too. Look at this shit. Ro Kahnna is definitely setting himself up to run for president in 2028. Either that or possibly vice president to Gavin Newsome. Newsome also has taken Thiel money in the past. Thiel's private Uranium mine just happens to be in the home state of Thomas Massie, the Republican who is partnering with Kahnna to take on the Trump Epstein files in a bipartisan tag team. I'm glad they're exposing rich pedophiles, but don't give them fucking brownie points when it's clear they've been sitting on this shit the whole fucking time. The same with Vance going to Rupert Murdoch before all of this dropped. They definitely could have exposed Trump before he even ran for president the second time, but they didn't bc this is just part of their evil bullshit plans. This is just a game to them, and the people who have been hurt and exploited mean nothing. Fuck these evil pieces of shit. All of them.
M

Brave browser blocks Windows feature that takes screenshots of everything you do on your PC
Beobachtet Ignoriert Geplant Angeheftet Gesperrt Verschoben Technology technology
10 vor 25 Tagen
22. Juli 2025, 20:44
1

855 Stimmen

356 Beiträge

17k Aufrufe

T vor 25 Tagen

im just simplifying it, they have other methods at thier tools. since recently it come to my attention they also indiscrminately shadowban too for no reason at all/. V3 captcha, browser, time and date, location, components. they detect vpn quite easily now,
G

ICEBlock - See Something, Tap Something
Beobachtet Ignoriert Geplant Angeheftet Gesperrt Verschoben Technology technology
10 16. Juli 2025, 17:40
16. Juli 2025, 15:10

109 Stimmen

13 Beiträge

163 Aufrufe

D 16. Juli 2025, 17:40

My main concern is that the app isn't open source. I don't trust any software that isn't fully open source.
T

PNG has been updated for the first time in 22 years — new spec supports HDR and animation
Beobachtet Ignoriert Geplant Angeheftet Gesperrt Verschoben Technology technology
10 11. Juli 2025, 03:03
3. Juli 2025, 12:16
1

804 Stimmen

110 Beiträge

2k Aufrufe

S 11. Juli 2025, 03:03

I do not have downvotes on my instance, so please, have a
S

Apple’s Craig Federighi on the long road to the iPad’s Mac-like multitasking
Beobachtet Ignoriert Geplant Angeheftet Gesperrt Verschoben Technology technology
10 13. Juni 2025, 06:18
12. Juni 2025, 13:07
1

45 Stimmen

35 Beiträge

399 Aufrufe

M 13. Juni 2025, 06:18

You guys sure display a crazy obsession with "Apple Fanboys" in this sub… The amount of Applephobia… Phew! As if the new release had you all flustered or something… Gotta take a bite and taste the Apple at some point! Can’t stay in the closet forever, ya know?
T

GitHub is Leaking Trump’s Plans to 'Accelerate' AI Across Government
Beobachtet Ignoriert Geplant Angeheftet Gesperrt Verschoben Technology technology
10 16. Juni 2025, 02:37
10. Juni 2025, 22:13
1

281 Stimmen

15 Beiträge

152 Aufrufe

F 16. Juni 2025, 02:37

Magats wanted people with their same mental capacity to run things and oh look, it’s lots of incompetence