Suggested change of Minecraft/Mojang Account Passwords [April 8th]

View previous topic View next topic Go down

Suggested change of Minecraft/Mojang Account Passwords [April 8th]

Post by Guest on 4/10/2014, 12:30 am

TLDR: Mojang suggested players change their MC passwords as a precautionary measure due to some really old security exploit that one of their load balancing services was vulnerable to.
I don't know how serious this is (considering this bug is 2 years old), but since mojang suggested a password change today, it's probably a good idea to change it.


Sources (There are others, but I've chosen these two):

http://www.minecraftforum.net/news/1222-important-update-your-minecraft-password-asap/#comments

http://www.gamenguide.com/articles/10340/20140408/minecraft-news-mojang-shuts-down-servers-due-heartbleed-bug.htm

-------------------------------------------
"Due to an exploit in the OpenSSL software used by Amazon's load balancing service (which we use for most of our stuff) we were forced to temporary suspend all of our services. All systems are now back online, and the exploit has been fixed. There was no way to target specific users, but we can not guarantee that your information wasn't compromised. Therefore we recommend everyone to change their Mojang/Minecraft account passwords."

"If you have not migrated your account, change your password at Minecraft.net.

If you have migrated your account, change your password at Mojang.com.

Regardless of whether you have or have not migrated, it is crucial to change your password."
-------------------------------------------

More info on the 2-year-old Heartbleed bug:
http://www.thewire.com/technology/2014/04/what-you-need-to-know-about-heartbleed-the-new-security-bug-scaring-the-internet/360366/


Last edited by Lina on 4/10/2014, 12:31 am; edited 1 time in total (Reason for editing : spelling and crap)

Guest
Guest


Back to top Go down

Re: Suggested change of Minecraft/Mojang Account Passwords [April 8th]

Post by madscientist032 on 4/10/2014, 8:48 pm

I'm going to add on to this post.

I recommend EVERYBODY change ALL their passwords, not just your Minecraft/Mojang password. Thousands of sites including Tumblr, Facebook, and Amazon (and potentially many more sites) were compromised by this "HeartBleed" exploit/bug/crack/whatever you want to call it. Change all your passwords, especially if you use the same password for more than one site. This goes double, no TRIPLE for online banking and other sites that use money and stuff. Like PayPal, Bank Of America, CitiBank, etc. Change all your passwords immediately. The last thing you want is for somebody to get access to your stuff and set it all to nothing.

_________________

madscientist032
Oasis SMP Owner
Oasis SMP Owner

Posts : 3718
Join date : 2011-02-09
Age : 25
Location : Black Mesa Research Facility, New Mexico

View user profile http://www.youtube.com/user/madscientist032

Back to top Go down

Re: Suggested change of Minecraft/Mojang Account Passwords [April 8th]

Post by Gr00veDriftTreh on 4/10/2014, 10:16 pm

While we are on the topic of cyber security I'd like to point out that the operating system Windows XP has officially stopped receiving updates.

What this means that changes made to the program to deal with bugs, glitches, and security issues will no longer be coming and these issues will no longer be managed.

At this point the XP software should be considered compromised and made obsolete.

There are two ways to deal with this hole in security.

1. Buy and install a modern up to date operating system.

2. Buy a new computer that runs current software.

Installing anti virus software will not solve the issues made by the absence of updates to this software. What you can do is start backing up and preserving files and other important documents to a storage device or a secure computer.

I myself will be updating/replacing this operating system and I advise you to do the same.

_________________
Youtube Account

My Psychs be all like...:

Goes well with...

Theme song I guess..:

Gr00veDriftTreh
Forum Admin
Forum Admin

Posts : 660
Join date : 2013-09-30
Age : 23
Location : USA, WA

View user profile

Back to top Go down

Re: Suggested change of Minecraft/Mojang Account Passwords [April 8th]

Post by Grimtongue on 4/11/2014, 11:23 am

madscientist032 wrote:I'm going to add on to this post.

I recommend EVERYBODY change ALL their passwords, not just your Minecraft/Mojang password. Thousands of sites including Tumblr, Facebook, and Amazon (and potentially many more sites) were compromised by this "HeartBleed" exploit/bug/crack/whatever you want to call it. Change all your passwords, especially if you use the same password for more than one site. This goes double, no TRIPLE for online banking and other sites that use money and stuff. Like PayPal, Bank Of America, CitiBank, etc. Change all your passwords immediately. The last thing you want is for somebody to get access to your stuff and set it all to nothing.

None of these banking sites were affected by the exploit.  Just like every other fear-mongering bullshit security alert, CVE-2014-0160 is being ludicrously over-hyped.  The institutions that you do business with will pro-actively tell you if you need to change your passwords.  Please don't give into fear and ignorance.

So why the big fuss over CVE-2014-0160 (aka Hearbleed)?:
Why else would a bunch of ad-revenue dependent media outlets want to increase traffic to their websites?  Why else would security firms want to propagate fear among the ignorant masses?  They do it for the money, of course!  That's why you see that bleeding heart logo on every article about this security exploit. That's why it's called "Heartbleed" instead of its real name, CVE-2014-0160.  Websites depend on page-views to drive their advertising revenues, while security firms depend on public visibility to justify their private and public funding.
Now you know, and knowing is half the battle.

It is considered "best practice" to routinely change your passwords regardless of whatever nonsense is in the news.  Changing them every 3 to 6 months is more than sufficient for most people

Grimtongue
Gold Miner
Gold Miner

Posts : 470
Join date : 2012-11-28
Age : 36
Location : Massachusetts

View user profile

Back to top Go down

Re: Suggested change of Minecraft/Mojang Account Passwords [April 8th]

Post by OsgaTharp on 4/11/2014, 11:56 am

Lets take off the tin foil hat for a second. Even if it isn't really a security issue, it doesn't hurt to take 1 minute to change a password just in case.

Going to lock this because its not a debate.

_________________

OsgaTharp
Forum Admin
Forum Admin

Posts : 741
Join date : 2011-09-22
Age : 22
Location : Indiana

View user profile

Back to top Go down

View previous topic View next topic Back to top

- Similar topics

 
Permissions in this forum:
You cannot reply to topics in this forum