Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.


freitasm

BDFL - Memuneh
79254 posts

Uber Geek

Administrator
ID Verified
Trusted
Geekzone
Lifetime subscriber

#312403 13-Apr-2024 22:33
Send private message

Hi folks

 

Over the last few days, we noticed a couple of episodes where suspicious replies were posted on Geekzone. 

 

In one case, the account owner emailed me to say his account was compromised somewhere else and used on Geekzone to post spam from a US-based IP address. He only noticed it because he received a topic reply notification and he hadn't posted in that topic before. I was told the password was reused between different sites.

 

In another episode, a spam reply was reported and we noticed the post was from an Estonian-based IP address.

 

I suspect this could be either data leaked from the LastPass breach, or a data leak somewhere in New Zealand, and some Bad People (TM) are testing the passwords in smaller sites before going for the big ones (banks, stock, etc).

 

     

  1. Please ensure you use unique passwords for each site. 
  2. Use a password manager (not LastPass) to record all your unique passwords.
  3. Enable 2FA where possible, either using an Authenticator app or Yubikey if possible.
  4. SMS 2FA is not as safe, but if no other option is available, use it. 

 

We do not know your password on Geekzone and we have no way to read it. I have now implemented a login notification email to let you know when someone logged into your account.

 

 

 

PS. I suspect one recent data leak in New Zealand, but the disclosure did not mention passwords so I won't name it. 





Please support Geekzone by subscribing, or using one of our referral links: Samsung | AliExpress | Wise | Sharesies | Hatch | GoodSyncBackblaze backup


View this topic in a long page with up to 500 replies per page Create new topic
 1 | 2
cddt
1548 posts

Uber Geek


  #3217989 14-Apr-2024 08:44
Send private message

Thanks for implementing the login notification email. I can confirm it works! 





My referral links: BigPipeMercury




Wheelbarrow01
1723 posts

Uber Geek

Trusted
Chorus

  #3218461 14-Apr-2024 23:06
Send private message

I must have been living under a rock or something because I was completely unaware of this Lastpass data breach...

 

I've just exported my vault to a new Bitwarden account and I guess now I'll go change all my passwords after I delete Lastpass - I can't wait LOL

 

Thanks for the heads-up, otherwise I would have just carried on blissfully unaware....


Chills
161 posts

Master Geek

Subscriber

  #3218464 15-Apr-2024 00:11
Send private message

I thought LastPass was already gone along with Dashlane but I must just not be caught up. My personal recommendations are BitWarden and 1Password! 




Batman
Mad Scientist
29760 posts

Uber Geek

Trusted
Lifetime subscriber

  #3218478 15-Apr-2024 07:40
Send private message

freitasm:

 

     

  1.  
  2. Use a password manager (not LastPass) to record all your unique passwords.
  3. Enable 2FA where possible, either using an Authenticator app or Yubikey if possible.

 

 

 

 

wow i thought LastPass was the one and only, seems i'm mistaken

 

do you have to keep changing password managers like how we keep changing passwords?

 

any recommendation of the best password manager? not google?


Batman
Mad Scientist
29760 posts

Uber Geek

Trusted
Lifetime subscriber

  #3218479 15-Apr-2024 07:41
Send private message

Chills:

 

I thought LastPass was already gone along with Dashlane but I must just not be caught up. My personal recommendations are BitWarden and 1Password! 

 

 

i'm getting the feeling that one has to keep changing password manager like they are supposed to keep changing the password? oh dear


Behodar
10502 posts

Uber Geek

Trusted
Lifetime subscriber

  #3218480 15-Apr-2024 07:48
Send private message

I'm a moderator on another forum and we've seen similar things there, where "good" accounts suddenly have their email address changed and start posting spam from a different IP address. We agree with the suspicion that passwords were breached somewhere down the line.


freitasm

BDFL - Memuneh
79254 posts

Uber Geek

Administrator
ID Verified
Trusted
Geekzone
Lifetime subscriber

  #3218492 15-Apr-2024 08:59
Send private message

Batman:

 

wow i thought LastPass was the one and only, seems i'm mistaken

 

do you have to keep changing password managers like how we keep changing passwords?

 

any recommendation of the best password manager? not google?

 



I may not understand what you wrote. Do you mean to imply you think other password managers were compromised? Because that is not what I wrote.





Please support Geekzone by subscribing, or using one of our referral links: Samsung | AliExpress | Wise | Sharesies | Hatch | GoodSyncBackblaze backup


 
 
 

Cloud spending continues to surge globally, but most organisations haven’t made the changes necessary to maximise the value and cost-efficiency benefits of their cloud investments. Download the whitepaper From Overspend to Advantage now.
Batman
Mad Scientist
29760 posts

Uber Geek

Trusted
Lifetime subscriber

  #3218493 15-Apr-2024 09:02
Send private message

freitasm:

I may not understand what you wrote. Do you mean to imply you think other password managers were compromised? Because that is not what I wrote.

 

i meant that not long ago people were recommending LastPass as the best password manager, and now I am hearing don't use LastPass.

 

what is the current best password manager? why are we no longer recommending LastPass?

 

thanks

 

(no i don't think password managers are compromised, i was just hoping you use one password manager and never need to change but it seems you have to change password managers from time to time for reasons I don't yet understand)


freitasm

BDFL - Memuneh
79254 posts

Uber Geek

Administrator
ID Verified
Trusted
Geekzone
Lifetime subscriber

  #3218494 15-Apr-2024 09:04
Send private message

Bitwarden.




Please support Geekzone by subscribing, or using one of our referral links: Samsung | AliExpress | Wise | Sharesies | Hatch | GoodSyncBackblaze backup


Chills
161 posts

Master Geek

Subscriber

  #3218499 15-Apr-2024 09:34
Send private message

LastPass was just one of those companies that paid a lot for sponsorship spots on YouTube videos hence the big traction in their service.


ANglEAUT
2320 posts

Uber Geek

Trusted
Lifetime subscriber

  #3218500 15-Apr-2024 09:36
Send private message

Batman: ... one has to keep changing password manager like they are supposed to keep changing the password? ...

 

No, generally you do not need to change password managers regularly. Also, there are only a few on the market.

 

 

 

Batman: ... what is the current best password manager? why are we no longer recommending LastPass? 

 

chills above already suggested good options.

 

As to why LastPass is no longer recommended? Many, many, many reasons. Mostly the multiple breaches & then the insecure methods of implementation.





Please keep this GZ community vibrant by contributing in a constructive & respectful manner.


  #3218502 15-Apr-2024 09:50
Send private message

Login notification works here.... Notification shows my IPv6 address.





Gordy

 

My first ever AM radio network connection was with a 1MHz AM crystal(OA91) radio receiver.


  #3218505 15-Apr-2024 09:54
Send private message

How do I setup 2FA Yubikey on GZ?





Gordy

 

My first ever AM radio network connection was with a 1MHz AM crystal(OA91) radio receiver.


freitasm

BDFL - Memuneh
79254 posts

Uber Geek

Administrator
ID Verified
Trusted
Geekzone
Lifetime subscriber

  #3218507 15-Apr-2024 10:05
Send private message

Gordy7:

 

How do I setup 2FA Yubikey on GZ?

 

 

You can't. We offer TOTP-based 2FA (Authenticator).





Please support Geekzone by subscribing, or using one of our referral links: Samsung | AliExpress | Wise | Sharesies | Hatch | GoodSyncBackblaze backup


Batman
Mad Scientist
29760 posts

Uber Geek

Trusted
Lifetime subscriber

  #3218705 15-Apr-2024 15:32
Send private message

Thanks guys will check out bitwarden. I'm glad I didn't sign up for lastpass.

Just a question, is Microsoft authenticator ok to use? I have no issues using it, just wondering if it's safe

 1 | 2
View this topic in a long page with up to 500 replies per page Create new topic





News and reviews »

Air New Zealand Starts AI adoption with OpenAI
Posted 24-Jul-2025 16:00


eero Pro 7 Review
Posted 23-Jul-2025 12:07


BeeStation Plus Review
Posted 21-Jul-2025 14:21


eero Unveils New Wi-Fi 7 Products in New Zealand
Posted 21-Jul-2025 00:01


WiZ Introduces HDMI Sync Box and other Light Devices
Posted 20-Jul-2025 17:32


RedShield Enhances DDoS and Bot Attack Protection
Posted 20-Jul-2025 17:26


Seagate Ships 30TB Drives
Posted 17-Jul-2025 11:24


Oclean AirPump A10 Water Flosser Review
Posted 13-Jul-2025 11:05


Samsung Galaxy Z Fold7: Raising the Bar for Smartphones
Posted 10-Jul-2025 02:01


Samsung Galaxy Z Flip7 Brings New Edge-To-Edge FlexWindow
Posted 10-Jul-2025 02:01


Epson Launches New AM-C550Z WorkForce Enterprise printer
Posted 9-Jul-2025 18:22


Samsung Releases Smart Monitor M9
Posted 9-Jul-2025 17:46


Nearly Half of Older Kiwis Still Write their Passwords on Paper
Posted 9-Jul-2025 08:42


D-Link 4G+ Cat6 Wi-Fi 6 DWR-933M Mobile Hotspot Review
Posted 1-Jul-2025 11:34


Oppo A5 Series Launches With New Levels of Durability
Posted 30-Jun-2025 10:15









Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.



Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.