Twitter accounts hacked, including encrypted ones

  john bunyan 18:17 02 Feb 2013

I hear that a quarter of a million Twitter accounts have been hacked, including some encrypted ones. See:

Twitter BBC

I am not a Twitterer as I think it is a bit narcissistic but if these people can hack encrypted files, is online banking next?

  interzone55 21:25 03 Feb 2013

A security specialist gave me a good bit of password advice that I've used for a few years now.

Choose a song you know, take the first line (or two if they're short lines). Take the first letter of each word, and that's your password. Replace i or o with 1 or 0 and keep the correct capitalisation.

Take Stairway to Heaven as an example, that would give this password: Talwsatg1g

  fourm member 09:14 04 Feb 2013


That obviously gives a stronger password than many but I'm surprised at an expert suggesting using 1 and 0 instead of i and o. Surely that is so obvious the professional bad boys must have it in their hacking software.

  Quickbeam 09:31 04 Feb 2013

That's far too complicated alan14 to remember once I've forgotten the password and how I created it!

  john bunyan 09:54 04 Feb 2013

Are these "password lockers", such as this one below, worth having?


  Quickbeam 10:01 04 Feb 2013

Not if they get hacked. I'll stick with the password index at the back of LOTRs!

  Forum Editor 11:31 04 Feb 2013

john bunyan

I would never use anything that automated password entry or form filling. I do use a little free application called KeePass which stores my passwords very securely on a memory stick. I've used it for a while, and I have confidence in it - even if someone gets the memory stick they'll have a problem getting at my passwords which are encrypted using SHA-256 which is a 256-bit cryptographically secure one-way hash function.

To date there have been no known successful attacks against SHA-256.

  Forum Editor 11:37 04 Feb 2013

My sympathies are with Twitter and those affected. By all accounts the attack was a sophisticated affair, carried out by people who knew what they were doing.

I have nothing to do with Twitter - I don't have the time, and I can't for the life of me see the point of it all - but any breach of security like this one sends shivers down the spine of anyone in the IT business who has anything to do with confidential information on databases connected to a web server.

  fourm member 11:58 04 Feb 2013

'I don't have the time, and I can't for the life of me see the point of it all'

Exactly what I thought until I started using Twitter.

It's like all the conversations in a pub put together. Some are completely meaningless and some convey useful information or opinions.

People tend to focus on the meaningless because it is easy for some people to mock the idea that X million people are interested in what some reality show wannabe is doing.

Back in the '90s, I told my boss I couldn't see the point of the WWW because, at that time, I hadn't found things that I wanted to do with it.

I'm not proselytizing for Twitter; just saying that I've found it useful.

  Forum Editor 12:45 04 Feb 2013

"I'm not proselytizing for Twitter; just saying that I've found it useful."

And I understand that many people do. My point is that I don't have the time for yet another means of interacting with people, most of whom I don't know.

I don't see the point of it because I can already get as much information and as many opinions as I could ever want from the other sources I use, and I can't imagine that many people would be remotely interested in my stream of consciousness. There has to be a limit to the amount of social interacting a person can do in a day, whilst trying to earn a living at the same time.

If I'm going to engage in information and opinion interchange I would rather do it in a way that allows me more than the Twitter character limit. At the moment I'm thinking about blogging.

  interzone55 21:44 04 Feb 2013

fourm member

But surely the fact that i & o are changed to 1 & 0 is only obvious if you know the password.
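The song-line scheme from interzone55's post and the 1/0 substitution discussed in the replies, as an added Python example that is not part of the original thread. It derives the password from the opening line of Stairway to Heaven (the lyric is supplied here; the thread gives only the result) and bounds how much the substitution can contribute to strength. The function names are hypothetical.

```python
import math

# Substitution described in the thread: i -> 1, o -> 0 (either case).
SUBS = {"i": "1", "I": "1", "o": "0", "O": "0"}

# Opening line of the song; supplied for this example, not quoted in the thread.
LYRIC = "There's a lady who's sure all that glitters is gold"


def song_password(line: str) -> str:
    """First letter of each word, capitalisation kept, i/o swapped for 1/0."""
    initials = []
    for word in line.split():
        # Skip leading punctuation such as an opening bracket or quote.
        first = next((ch for ch in word if ch.isalpha()), None)
        if first is not None:
            initials.append(SUBS.get(first, first))
    return "".join(initials)


def letter_bits(password: str) -> float:
    """Upper bound in bits if every character were a uniformly random
    letter (52 options). Word initials are not uniform, so the real
    figure is lower."""
    return len(password) * math.log2(52)


def substitution_bits(password: str) -> int:
    """Upper bound in bits added by the swap: each affected position is a
    single either/or choice (letter or digit), so at most one bit each."""
    return sum(ch in "iIoO10" for ch in password)


if __name__ == "__main__":
    pw = song_password(LYRIC)
    print(pw)
    print(f"length/letters bound: {letter_bits(pw):.1f} bits")
    print(f"substitution bound:   {substitution_bits(pw)} bit(s)")
```

For this password nearly all of the estimated strength comes from its length and the choice of line; the substitution affects one position.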

