HardOCP News
[H] News
- Joined
- Dec 31, 1969
- Messages
- 0
Just so you know, if you have a Twitch account, you will need to update your password the next time you try to log into your account. 
![[H]ard|Forum](/styles/hardforum/xenforo/logo_dark.png){kind=logo}
Twitch Reports Security Breach
- Thread starter HardOCP News
- Start date
lollerwaffle
Gawd
- Joined
- Feb 3, 2008
- Messages
- 665
Meanwhile, they indefinitely lock out users for TOS violations. That seems OK until your shit got hacked and account locked because of someone else streaming copyrighted content on your account.
Recourse? None. "Zero tolerance" per twitch.
Recourse? None. "Zero tolerance" per twitch.
temujin987
[H]ard|Gawd
- Joined
- Jun 24, 2008
- Messages
- 1,351
i didnt even get a notification. i had to google for their twatter account where a link to their blog post as twatted. that's some garbage communication.
Vercinaigh
Gawd
- Joined
- Jul 31, 2008
- Messages
- 849
hitbox.tv ftw
- Joined
- Aug 20, 2006
- Messages
- 13,000
Why does Twitch even need security? It has nothing of value.
Horrible new password requirements. I had to look up how they were calculating this crap.
Stupidly enough, "theydonttellyouwhatconstitutesagoodpassword" is still a bad password according to them because it's made up of 100% real words. No brute force attack is ever going to break that, and nobody is going to guess it. But a random group of eight characters, "A4v&y1;p" is fine. Just as implausible for a person to guess, but much easier for a computer to brute force. But it's impossible to remember.
I know some people will say, "use a password manager" but I don't really care about my twitch account. It has no important information in it. It doesn't need to be crazy secure.
Stupidly enough, "theydonttellyouwhatconstitutesagoodpassword" is still a bad password according to them because it's made up of 100% real words. No brute force attack is ever going to break that, and nobody is going to guess it. But a random group of eight characters, "A4v&y1;p" is fine. Just as implausible for a person to guess, but much easier for a computer to brute force. But it's impossible to remember.
I know some people will say, "use a password manager" but I don't really care about my twitch account. It has no important information in it. It doesn't need to be crazy secure.
Hornet
Supreme [H]ardness
- Joined
- Oct 4, 2005
- Messages
- 6,624
According to Reddit, some people's email notification contained this part, which wasn't present in my email message.
Probably only those affected got that particular message. But it's kind of scary to think that now these hackers don't just steal data from the system, but they are able to install their own malicious tool to capture password as they come in.
Probably only those affected got that particular message. But it's kind of scary to think that now these hackers don't just steal data from the system, but they are able to install their own malicious tool to capture password as they come in.