Data breach at OneLogin
-
Anyone using OneLogin for SSO?
PSA: OneLogin Breached. Here's What You Need to Do.
This is a public service announcement from Wordfence. We are sending this notice to the WordPress community due to the widespread nature and potential severity of this security issue. It has a high likelihood of impacting some of our readers and requires immediate action on their part. Single sign...
-
@masonwheeler Yup. Everyone in the company had to change their password. The load reportedly took down Avatier.
-
Ditto. Here's hoping I can remember my new password tomorrow...
-
Is that why spams have suddenly started including my actual last name? Maybe...
-
And the official instructions said to change the whole password, not just the suffix used to get around the 90 day change requirement.
-
@Greybeard said in Data breach at OneLogin:
not just the suffix used to get around the 90 day change requirement.
INSANITY - i have not changed my password base in over 7 years!
Glad we weren't on OneLogin. My new password would have been hell to type after that ....xxXxxxxx←←←←←←←←yyyyYyyy111!
That'd make it super secure though, right? I mean what hacker would ever guess that my new password has backspaces in it?
-
@darkmatter said in Data breach at OneLogin:
@Greybeard said in Data breach at OneLogin:
not just the suffix used to get around the 90 day change requirement.
INSANITY - i have not changed my password base in over 7 years!
Glad we weren't on OneLogin. My new password would have been hell to type after that ....xxXxxxxx←←←←←←←←yyyyYyyy111!
That'd make it super secure though, right? I mean what hacker would ever guess that my new password has backspaces in it?
I wonder what Unicode character breaks the most password entry form fields.
-
@ben_lubar said in Data breach at OneLogin:
@darkmatter said in Data breach at OneLogin:
@Greybeard said in Data breach at OneLogin:
not just the suffix used to get around the 90 day change requirement.
INSANITY - i have not changed my password base in over 7 years!
Glad we weren't on OneLogin. My new password would have been hell to type after that ....xxXxxxxx←←←←←←←←yyyyYyyy111!
That'd make it super secure though, right? I mean what hacker would ever guess that my new password has backspaces in it?
I wonder what Unicode character breaks the most password entry form fields.
NULL
-
@Tsaukpaetra said in Data breach at OneLogin:
@ben_lubar said in Data breach at OneLogin:
@darkmatter said in Data breach at OneLogin:
@Greybeard said in Data breach at OneLogin:
not just the suffix used to get around the 90 day change requirement.
INSANITY - i have not changed my password base in over 7 years!
Glad we weren't on OneLogin. My new password would have been hell to type after that ....xxXxxxxx←←←←←←←←yyyyYyyy111!
That'd make it super secure though, right? I mean what hacker would ever guess that my new password has backspaces in it?
I wonder what Unicode character breaks the most password entry form fields.
NULLThat would probably be my guess too.
-
@Tsaukpaetra said in Data breach at OneLogin:
I wonder what Unicode character breaks the most password entry form fields.
NULLPfft, you're not trying nearly hard enough. Code points U+22 and U+27 break far, far more.
-
@Arantor said in Data breach at OneLogin:
Pfft, you're not trying nearly hard enough. Code points U+22 and U+27 break far, far more.
I'd expect U+20 and U+2B to cause plenty of problems too. :(
-
@dkf said in Data breach at OneLogin:
@Arantor said in Data breach at OneLogin:
Pfft, you're not trying nearly hard enough. Code points U+22 and U+27 break far, far more.
I'd expect U+20 and U+2B to cause plenty of problems too. :(
U+07 would make the servers beep every time you logged in
-
@dkf not in passwords ;)
-
@Arantor You'd hope… :(
