Got a tip for us?
Let us know
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.
Macrumors Password compromised - legit or malware?
- Thread starter HDFan
- Start date
- Sort by reaction score
I highly recommend changing your forum password immediately. We've had a spate of compromised accounts.
Edit: Please read WildCowboy's post below for more information.
Edit: Please read WildCowboy's post below for more information.
Last edited:
Turn off Detect Leaked Passwords, it's not trustworthy.
https://support.apple.com/guide/mac-help/sfri40599/mac
https://www.apple.com/legal/privacy/data/en/passwords/
We have not seen any signs of a leak on our side and passwords are not stored in plain text. Our suspicion about the compromised accounts here is that they have been due to weak/reused passwords.
Note that Apple's warning does not mean that your MacRumors account information has specifically appeared in a data leak. All it means is that the password you use on your MacRumors account has appeared in a leak, with no other context.
If it's not a particularly strong password, you may see false positives from Apple's system. For example, if somebody else by chance used the same password for their account on some other site and it leaked, Apple's system will still flag it and warn you even though the leak has nothing to do with you or any your accounts. Obviously the stronger your password, the less likely you'll have a match from an unrelated place, but it still happens.
Note that Apple's warning does not mean that your MacRumors account information has specifically appeared in a data leak. All it means is that the password you use on your MacRumors account has appeared in a leak, with no other context.
If it's not a particularly strong password, you may see false positives from Apple's system. For example, if somebody else by chance used the same password for their account on some other site and it leaked, Apple's system will still flag it and warn you even though the leak has nothing to do with you or any your accounts. Obviously the stronger your password, the less likely you'll have a match from an unrelated place, but it still happens.
That's good to know, thanks for updating us. When I see a mod state that they seen a spate of compromised accounts, one can jump to conclusions as i had
Sorry: I was in the middle of something else at the time so could only write a terse reply, and I just wanted to get the "change your password" out there. As WildCowboy says, we have no reason to believe that there's been a leak at our end.That's good to know, thanks for updating us. When I see a mod state that they seen a spate of compromised accounts, one can jump to conclusions as i had
Sometime accounts names and passwords are post online with totally bogus passwords or very old passwords. They strive to make the lists look large, and all encompassing but they are not necessarily accurate. And the warnings you receive are that your account name and a password have been posted/published, not necessarily your current password
The password in question was 25 characters, upper/lower case with symbols and numbers which 1Password considered a "fantastic" length. Changed it anyway.
I use 1Password to create complex passwords, I also have 2FA enabled here. I usually shy away from 2FA and avoid it but various reasons its been enabled here at MR. I was close to turning it off just last week, but given what you posted, its probably safe to keep it active.
This is the most important fact about that (useful btw.) warning from Apple. I did get the warning myself, because I use a common, "real" word as password at MacRumors - like "Icecream" for instance. But this icecream is not linked to my account in this leak.
Years ago I started to use misspelled words, because I like to keep some passwords in my head. So "Icecarem" as a simple example already could add some additional security.