Silk Road forums
Discussion => Security => Topic started by: viracocha on June 29, 2011, 11:22 pm
-
Hello!
I was stupid enough to have the same username and password on MtGox and Silk Road. Now as I was going to order a little gift for myself I just realized my account was being emptied. I transfered bitcoins to Silk Road today, and 6 hours laters it was withdrawed from my account.
IF ANYONE IS AS STUPID AS ME AND USES THE SAME USERNAME AND PASSWORD ON MTGOX AND SILK ROAD. CHANGE THE SILK ROAD PASSWORD IMMEDIATELY!
PS: My password is considered strong.
Hope not to many people have been affected by this. Fucking thieves. scum of the earth FUCK
-
That sucks. YOu should try out an encrypted password manager that's local only or run from a single flash drive - flash drive encrypted as well - (compress and encrypt a backup once a week and store that somewhere else in case the drive gets lost). The programs that do 1024 bit or 2056 bit passwords are basically uncrackable unless you are crazy enough to set up a master password that's easy to hit.
Hopefully the thieving bastards didn't make off with too many BC - the lesson is the same whether it's expensive or cheap.
-
Yes gang please do not use the smae username and same passwords at any of your Tor sites or clearnet for that matter.
This seems to be the almost third week of this type of incidents, everyone please be smart and don't use simple easy passwords on any two sites. :D
-
I don't get it.
Are you saying MTGOX admins logged in here with your user/pass, saw that you were a silkroad user and then stole you BTC?
EDIT: oh! nevermind, I figured it out, your e-mail and user/pass were cracked in the mtgox hack and someone checked silkroad too. Smart dudes... in that case, CHANGE YOUR SILKROAD PASSWORD TOO!!!
-
Yeah, I had pretty much the same experience, with one twist. I initially tried to get the Bitcoin funding going with Mt Gox, but found it was just easier at Bitmarket.eu. I never added funds to my Mt Gox account and pretty much ignored it after I found an easier way to buy Bitcoins. But my login and password remained in the Mt Gox database.
Apparently, someone took my username and password and tried them on all the other Bitcoin websites. Lo and behold, this person was able to access my Bitmarket.eu account and sell off the bitcoins I had in there. There were only 3.43 bitcoins available, so no great loss, but that could have bought some sweet treats. Now that the bitcoins are gone, Bitmarket.eu says recovery of them is slim.
As anarcho47 suggested, I got a password manager and hurriedly changed all my passwords. I'm pissed and disappointed, plus I'm kicking myself for not seeing that someone could guess that a person might use more than one Bitcoin website.
So manage your passwords well, 'cause once those bitcoins are swiped they're gone baby gone.
-
We should be mostly protected if we use a different username and password on each site, correct? At least using different and difficult passwords on each site should also be ok, right?
-
Not only sharing passwords, but sharing aliases is a big no no. separate your identity when you are conducting illegal and legal business in the same frame.. There's no need to ever use duplicate credentials on multiple 'high value' sites, let alone a pass that is easily cracked when you have keepass and similar solutions.. If user db of 1 site is dumped and pass ends up in clear-text in someones possession or floating around the net that particular avenue will lead nowhere fast
-
Having the same identity here and in not-Tor internet just seems like the worst idea ever. Parallels can be drawn.