Gmail Password Leak Update

Keeping on top of security protocols is a must. The recent Gmail leak reminds us all that passwords be unique for each account. Be sure you know how to keep your passwords safe and how to keep your blog safe.

“Add a phony email address to your list of contacts [in your email account]: aaaa@aaaa.com. This email address will likely be the first contact alphabetically in your address book, so will be the first recipient of a spam email from a hacker. You will receive a mail failure notice immediately that the email wasn’t delivered. This is also a quick way of checking to see whether changing your password on your email account was effective.”  –What To Do If Your Email Has Been Hacked

See also: Is Your Email Address a Spam Magnet?

WordPress.com News

This week, a group of hackers released a list of about 5 million Gmail addresses and passwords. This list was not generated as a result of an exploit of WordPress.com, but since a number of emails on the list matched email addresses associated with WordPress.com accounts, we took steps to protect our users.

We downloaded the list, compared it to our user database, and proactively reset over 100,000 accounts for which the password given in the list matched the WordPress.com password. We also sent email notification of the password reset containing instructions for regaining access to the account. Users who received the email were instructed to follow these steps:

  1. Go to WordPress.com.
  2. Click the “Login” button on the homepage.
  3. Click on the link “Lost your password?”
  4. Enter your WordPress.com username.
  5. Click the “Get New Password” button.

In general, it’s very important that passwords be unique for each account. Using the same…

View original post 155 more words

12 thoughts on “Gmail Password Leak Update

  1. Timethief … Apparently something has gone amiss in WordPress land as well. After I posted my “Those Driveway Moments” this morning, I noticed that there was no Comment box. Carl D’Agostino of “I Know I Made You Smile” alerted me that he was unable to post a comment on that story. He posted on a previous one – “Oh, the Places They Will Go” – but, after it was approved by me, that comment didn’t show up either. There also is no “next” on that post to indicate that a new story has been posted.

    Can you help?

    1. Hi Judy,
      The comments boxes do appear on the post now. Consult this support doc if the same thing happens again http://en.support.wordpress.com/enable-disable-comments/

      You don’t have a Recent Posts widget in your sidebar and I could not find “I know I made you Smile” so I had to use Google search and then I still couldn’t find it. U do see the exchange between you and Carl at http://earth-rider.com/

      Bottom line: Please post to the support forum http://en.forums.wordpress.com/?new=1

      Before you do that please fix your blog link to your username. See here for how to do that http://onecoolsitebloggingtips.com/2007/10/06/link-your-username-to-your-blog/

      Right now it’s linked to http://earthriderdotcom.wordpress.com
      It ought to be linked to http://earth-rider.com/

      1. Timethief … I tried to change my URL as you suggested. There is only one listed and it did not allow me to make the change. I’ll look into the other suggestions you made. Thank you for your advice and support.

      1. It happens from time to time. I thought it was just par for the course. Others are aware of it as well.

        The two most annoying factor are:

        1) starting a comment with ‘I’m sorry I’ve missed your last 10 posts, but Nasty WordPress…’ (All said in very whiney voice)
        and
        2) working out just who you haven’t read for a while and tracking them down to see if they are just quiet or have been cut off
        I’ve prob only got a handful so far as I’ve not tracked down the others…

        1. I have seen a few others post to the support forums with the same issue. I follow in the Reader as my email load from the business, contracted work and my personal life is already over the top.

  2. Some passwords are more critical than others, and email is surely one of the most critical, and of all the companies that you would think has a locked-down system for preventing abuse, surely it is Google. So if they can fall, anyone can.

    I use a proprietary password application that remembers complex passwords so that I don’t have to. But if the system into which I log in is hacked, what protection then?

    Worrying, to say the least.

    I watched one of the WordPress.tv videos on security and the speaker talked about passwords becoming less secure with the passage of time.

    He argues that it’s because any given password will have have been around longer for someone to try to hack.

    So he suggested changing passwords regularly.

    1. I think using a password manager is a solid idea. http://onecoolsitebloggingtips.com/2007/11/18/keep-your-passwords-safe/ I also think using a random password generator and changing passwords occasionally is a good prevention plan. I just included another tip on my comment re: early notice of an email hacking notice. The WordPress.tv videos are very informative but I didn’t link to them as they are focused on WordPress.org software and I didn’t want to confuse any of my WordPress.com readers.

Comments are closed.