Battle.net hacked

Started by Thorin, August 10, 2012, 01:45:48 PM

Previous topic - Next topic
Print
Go Down Pages1
User actions

Thorin

August 10, 2012, 01:45:48 PM
http://www.slashgear.com/blizzard-hacked-battle-net-leaks-emails-and-more-10242491/

Blizzard got hacked and cryptographically "scrambled" passwords were stolen.  Also stolen were answers to secret questions, which means the passwords can be really easily reset.

So, anyone ever hear of Secure Remote Password (SRP) protocol?  It's apparently what Blizzard uses to secure passwords: http://en.wikipedia.org/wiki/Secure_Remote_Password_protocol.
Prayin' for a 20!

gcc thorin.c -pedantic -o Thorin
compile successful

Mr. Analog

#1
August 10, 2012, 03:03:04 PM
Yowza, this is gonna cause some mayhem!
By Grabthar's Hammer

Thorin

#2
August 10, 2012, 05:00:39 PM
I like how they use this really advanced technique of scrambling passwords but then store the answers to the secret questions in plain text so the hackers can just request a password reset and then set it to whatever they want.  Security, it's only as good as your weakest link, even if your strongest link is made out of two tons of tempered steel.
Prayin' for a 20!

gcc thorin.c -pedantic -o Thorin
compile successful
Print
Go Up Pages1
User actions