[SOLVED] Security of passwords on AstroBin

HomerPepsi 0.00
Hi All,

Google's security checkup let me know that my AstroBin login and password were compromised in a data breach. Is this a false flag? Regardless, just for good measure, I am updating my password, and so should you.
Ethan 0.90
I think Google flags the password as compromised if another of your accounts that was exposed shares the same password. If that is the case, you should change it for all accounts that use it.

Knowing how Django works (the web framework that AstroBin is built on), the passwords are hashed before being stored in the database, so it would take a lot of effort and some luck to truly compromise a password.

EDIT: My password manager is not flagging my AstroBin credentials as breached. I updated my password just in case.

--Ethan
siovene
You are probably reusing the same password elsewhere, or somebody else is using the same password elsewhere and it was exposed elsewhere. As Ethan mentions, AstroBin does not store your password in clear text, but it stores an encrypted version. When you log in again, the password you input is encrypted using the same algorithm and key and the two encrypted values (input and database) are compared.

The key that AstroBin uses to encrypt the passwords is super long and is kept as a very safely guarded secret, so there's no chance.
This topic was closed by a moderator.
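
Added example (not part of the thread and not AstroBin's code): the hashed storage Ethan's post refers to, written with the Python standard library in the `algorithm$iterations$salt$hash` format of Django's default PBKDF2 hasher, showing that the same password stored for two accounts yields different values and how a login attempt is checked. The function names and the iteration count are assumptions; AstroBin's actual hasher settings are not stated in the thread.

```python
import base64
import hashlib
import hmac
import secrets

ALGORITHM = "pbkdf2_sha256"  # label Django's default hasher writes into the stored value
ITERATIONS = 600_000         # assumed work factor; Django raises its default between releases


def make_hash(password, salt=None, iterations=ITERATIONS):
    """Return 'algorithm$iterations$salt$base64(digest)' for a password."""
    salt = salt or secrets.token_urlsafe(16)  # fresh random salt per stored password
    if "$" in salt:
        raise ValueError("salt must not contain '$'")
    digest = hashlib.pbkdf2_hmac(
        "sha256", password.encode(), salt.encode(), iterations
    )
    encoded_digest = base64.b64encode(digest).decode("ascii")
    return f"{ALGORITHM}${iterations}${salt}${encoded_digest}"


def check_password(password, encoded):
    """Re-derive the hash with the stored salt and iterations, then compare."""
    try:
        algorithm, iterations, salt, _ = encoded.split("$", 3)
        if algorithm != ALGORITHM:
            return False
        candidate = make_hash(password, salt, int(iterations))
    except ValueError:
        # Malformed stored value: wrong field count or non-numeric iterations.
        return False
    # Constant-time comparison avoids leaking how many characters matched.
    return hmac.compare_digest(candidate.encode(), encoded.encode())


if __name__ == "__main__":
    # Constructed sample: two accounts that happen to share one password.
    first = make_hash("correct horse battery staple")
    second = make_hash("correct horse battery staple")
    print(first)
    print(second)
    print("stored values differ:", first != second)
    print("login accepted:", check_password("correct horse battery staple", first))
    print("wrong password accepted:", check_password("hunter2", first))
```

Because each stored value carries its own salt, a breach-checking service cannot match one site's stored hash against another's; it flags a password when the plaintext itself appears in a leaked list.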