xkcd: 562k Accounts breached according to haveibeenpwned

xkcd: 562k Accounts breached according to haveibeenpwned(twitter.com)

45 points by phenomax 6 years ago | 14 comments

I wonder how many of those passwords are correcthorsebatterystaple

cristoperb 6 years ago |

I'm one of them :/

The haveibeenpwned description says password hashes are md5, which sucks. But phpBB has used bcrypt by default since version 3.1 (2014)... I wonder if all the hashes are md5 or only those for older accounts?

https://haveibeenpwned.com/PwnedWebsites#XKCD

lucb1e 6 years ago | |

Impacted as well, but I'm happy to be part of it. Either they'll crack an old password or, more likely, this is a new style password and they waste a lot of cracking time on it. Using a password manager for everything except a few offline things and my bank account was definitely the right move.

jsjohnst 6 years ago | | |

What do you use for your bank account?

jarfil 6 years ago | |

phpBB... I wonder how many of those accounts are just fake spam bot accounts.

jasoneckert 6 years ago |

This sucks. But on the bright side, we can expect an XKCD comic about it in the future.

JoeAltmaier 6 years ago |

Who has an 'account' with xkcd? Confused.

el_cujo 6 years ago | |

Looks like there is a forum for the site, which is now down due to the breach. I had no idea it existed, let alone had half a million accounts.

lambada 6 years ago | |

They have forums where you can discuss the comics and other things.

https://forums.xkcd.com/

kchoudhu 6 years ago | |

The XKCD forum is surprisingly well trafficked, and there's a pretty large crossover between their forums and Hackernews.

I used to like it back in the day; I even met my roommate (when I had one) there.

bhaak 6 years ago | |

Me, too. I mean, a xkcd forum is not that surprising but half a million users while I never heard about it existing?

Could that have been a honeypot? At least partly? That's something xkcd would do.

Tuna-Fish 6 years ago | | |

No, it's real. It used to be prominently on the site sidebar, but it got very big around the time xkcd first got popular, and the link was subsequently removed. After that, you had to know it existed and just go directly to forums.xkcd.com, so the only people who knew of it were generally the people who were early xkcd readers or people invited by them. Imho it's one of the better open "offtopic" discussion forums on the web, partly because of insular culture trending towards thoughtfulness.