Jump to content
The Dark Mod Forums

How Does Google Know my Dark Mod Password????


NeonsStyle

Recommended Posts

Check this out:

1. It says my TDM Password has been leaked, but more importantly,

2. How does it know my Dark Mod password? Are they not encrypted???

3. Noticed it picked up some of the passwords on my phone as well. WTF is going on here? How do they know this?

 

Neon

 

passwords.jpg

I have an eclectic YouTube channel making videos on a variety of games. Come and have look here:

https://www.youtube.com/c/NeonsStyleHD

 

Dark Mod Missions: Briarwood Manor - available here or in game

http://forums.thedarkmod.com/topic/18980-fan-mission-briarwood-manor-by-neonsstyle-first-mission-6082017-update-16/

 

 

Link to comment
Share on other sites

And is possible you used the same password at another site,
where it is known that its useraccount storage database is leaked.

Following a review of chrome password manager, the password are stored encrypted in a plain text database-file. 
Chrome "calculate" this password and can compare this with leaked calculated passwords. (that is happened)

So change your passwords frequently.
dont use a online/synced password manager from somebody else,
etc etc,..

Edited by freyk

Info: My portfolio and darkmod graphical installer
Amnesty for Bikerdude!

Link to comment
Share on other sites

I use a good system to create strong passwords, which I can remember easily. For example I use 1235 for an account as a password, but I don't use it as is, I use it encrypted. For this I use an app to encrypt text, for example in SHA256 or other systems, with this 1235 becomes

72l6LnLCtvvC5d8Jd2LRaD2CUGhMu9xc6F2Q6+RUues=

which certainly is a strong password which I can repeat whenever I want, only have to remember 1235.

Never trust G☉☉gle

Edited by Zerg Rush
  • Like 1
  • Thanks 2

Sys Specs Laptop Lenovo V145 15AST, AMD A9- 9425 Radeon R5 - 5 cores 3,1 GHz  RAM 8Gb, GPU 1+2 Gb -Win10 64 v21H2

Favorite online apps you may like too 😉

Link to comment
Share on other sites

Either the TDM servers got hacked or, much more likely, you used the same login credentials for numerous sites and another site got hacked. You can check your credentials on haveibeenpwned.com. 

With what tool did you get that report you screenshotted?

  • Like 1
Link to comment
Share on other sites

For important log in data it is always advisable to use an encrypted mail service, such as those of Proton Mail or Tutanota.
I also use Gmail when I created it out of ignorance many years ago, but I do not use it for anything that is relevant and much less use Google as a credential to register on other sites that offer this possibility.

Sys Specs Laptop Lenovo V145 15AST, AMD A9- 9425 Radeon R5 - 5 cores 3,1 GHz  RAM 8Gb, GPU 1+2 Gb -Win10 64 v21H2

Favorite online apps you may like too 😉

Link to comment
Share on other sites

@STiFU It was an email I got from Google telling me this. 

@Zerg Rush, whats the name of this app?

I have an eclectic YouTube channel making videos on a variety of games. Come and have look here:

https://www.youtube.com/c/NeonsStyleHD

 

Dark Mod Missions: Briarwood Manor - available here or in game

http://forums.thedarkmod.com/topic/18980-fan-mission-briarwood-manor-by-neonsstyle-first-mission-6082017-update-16/

 

 

Link to comment
Share on other sites

1 hour ago, NeonsStyle said:

@STiFU It was an email I got from Google telling me this.

Hm, it might be worth looking closely at the URL of the sender - it might not be Google, but a phishing attempt.

  • Like 1
Link to comment
Share on other sites

1 hour ago, NeonsStyle said:

@STiFU It was an email I got from Google telling me this. 

In that case, you are likely using chrome or an android phone and stored passwords in some browser. That data gets synchronized with your google account, if you don't deactivate that functionality.

I recommend disabling all password storage in all your browsers and use a proper password manager to generate and store unique passwords for each site. I can recommend Bitwarden for this, as it is very comfortable to use and runs on all the main platforms. With with stuff like this, user-comfort is a very important factor, as I'd find it annoying to always tab between apps to enter my login credentials into a website. I use Chrome with the Bitwarden addon. I enter my master password into the bitwarden addon once when starting Chrome, and the addon will fill out all login credentials automatically.

  • Like 1
Link to comment
Share on other sites

Only if you use Chrome itself, Google sync in other Chromium browsers don't exist anymore. I use Vivaldi with its own encrypted sync server, data and passwords without access by Vivaldi itself.

Sys Specs Laptop Lenovo V145 15AST, AMD A9- 9425 Radeon R5 - 5 cores 3,1 GHz  RAM 8Gb, GPU 1+2 Gb -Win10 64 v21H2

Favorite online apps you may like too 😉

Link to comment
Share on other sites

The only problem with Password generators/managers, is you never know what the passwords are for any of your sites. 
If your drive goes down you lose all that info, and now can't get into any of your sites. This is why I've never used
one. 

I have an eclectic YouTube channel making videos on a variety of games. Come and have look here:

https://www.youtube.com/c/NeonsStyleHD

 

Dark Mod Missions: Briarwood Manor - available here or in game

http://forums.thedarkmod.com/topic/18980-fan-mission-briarwood-manor-by-neonsstyle-first-mission-6082017-update-16/

 

 

Link to comment
Share on other sites

You should seriously reconsider that stance. Passwords that you can remember are very likely not secure enough, particularly because you probably share them between accounts to some extent.

Good password managers encrypt your passwords securely so that you can easily back them up to cloud storage.

  • Like 1
Link to comment
Share on other sites

1 hour ago, cabalistic said:

You should seriously reconsider that stance. Passwords that you can remember are very likely not secure enough, particularly because you probably share them between accounts to some extent.

Good password managers encrypt your passwords securely so that you can easily back them up to cloud storage.

Passwords which I can remember also secure, when I ecrypt them before use. See the Example in what I had converted 1235. What isn't secure is to have your password stored in a server online, using a password manager. If this server fails or is hacked, you can't recover your password created in aleatory manner. But I can recover mine, only remember 1235 and

 

On 8/12/2021 at 3:16 PM, NeonsStyle said:

@STiFU It was an email I got from Google telling me this. 

@Zerg Rush, whats the name of this app?

the text encrypter I use.

There are severals, for Example Encipher.it (AES) is a good choice (you can use it online, but better the app, it's free) https://encipher.it. You can also create your own, not very complicated with the text functions of a spreedsheet (Excel, LibreOffice Calc, or what you use)

Edited by Zerg Rush

Sys Specs Laptop Lenovo V145 15AST, AMD A9- 9425 Radeon R5 - 5 cores 3,1 GHz  RAM 8Gb, GPU 1+2 Gb -Win10 64 v21H2

Favorite online apps you may like too 😉

Link to comment
Share on other sites

55 minutes ago, Zerg Rush said:

Passwords which I can remember also secure, when I ecrypt them before use. See the Example in what I had converted 1235. What isn't secure is to have your password stored in a server online, using a password manager. If this server fails or is hacked, you can't recover your password created in aleatory manner. But I can recover mine, only remember 1235 and

I said backed up, not stored, didn't I? My Keepass file is automatically synced with cloud storage, and as a consequence I have multiple fairly recent copies on my laptop, PC and my server.

You do still have the problem that you need different passwords for different accounts. If you use the same encrypted passwords for all your accounts, that is most certainly not secure. I guess you could just use the domain name in your scheme, if your encryption is strong enough. You'll just have to hope that the websites didn't put some braindead rules for passwords into place that your encrypted output doesn't conform to :)

  • Like 1
Link to comment
Share on other sites

 

5 minutes ago, AluminumHaste said:

I like to subscribe to the 4 random word passwords. Like Horse Cloud French Toast or something like that. Easy to remember, not guess.

You can go that route, but two things that are important to point out:

  1. 4 words may be cutting it close, probably better to choose 5 to 6, at least for important accounts.
  2. you must not pick the words, they must be chosen randomly! If you pick the words, there will be patterns in the sequence which significantly weaken the strength of the password. I know it's in the name of the method and you're probably aware, but many people still have a tendency to try to pick or "massage" the generated words, so I wanted to emphasize it :)

Still, remembering too many of those phrases simultaneously is not an easy feat, so I'd still recommend a password manager, even if it's just a backup for your memory...

Link to comment
Share on other sites

On 8/10/2021 at 3:57 AM, NeonsStyle said:

Check this out:

1. It says my TDM Password has been leaked, but more importantly,

The info in that screenshot doesn't say that your TDM account is leaked. It says:

1. One password for an account is compromised

2. You have some weak passwords for 3 sites (one is TDM)

 

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recent Status Updates

    • Petike the Taffer

      I've finally managed to log in to The Dark Mod Wiki. I'm back in the saddle and before the holidays start in full, I'll be adding a few new FM articles and doing other updates. Written in Stone is already done.
      · 1 reply
    • nbohr1more

      TDM 15th Anniversary Contest is now active! Please declare your participation: https://forums.thedarkmod.com/index.php?/topic/22413-the-dark-mod-15th-anniversary-contest-entry-thread/
       
      · 0 replies
    • JackFarmer

      @TheUnbeholden
      You cannot receive PMs. Could you please be so kind and check your mailbox if it is full (or maybe you switched off the function)?
      · 1 reply
    • OrbWeaver

      I like the new frob highlight but it would nice if it was less "flickery" while moving over objects (especially barred metal doors).
      · 4 replies
    • nbohr1more

      Please vote in the 15th Anniversary Contest Theme Poll
       
      · 0 replies
×
×
  • Create New...