back to article Mozilla exposes 44,000 passwords

Mozilla inadvertently exposed the passwords of 44,000 inactive addons.mozilla.org accounts, but says there's nothing to worry about. "On December 17th, Mozilla was notified by a security researcher that a partial database of addons.mozilla.org user accounts was mistakenly left on a Mozilla public server," Mozilla's director of …

COMMENTS

This topic is closed for new posts.
FAIL

Sweet!

A sharp asskick all around for such goofery.

3
1
Silver badge

Ooh.

Nice relatively easy to crack MD5 hashes? Unsalted perchance?

Be good to try the resulting plain text passwords on any number of matching user names on any number of other subscription services, wouldn't you say?

1
2
FAIL

Oh F..k

I just knew that I should've used a different logon and password on those bank accounts.

0
0
Go

What's to stop ....

... the idiot (or idiots) who did this from doing it again with really, for real, sensitive data? And there are actually miscreants out there that tell me I should trust "the cloud". Yeah right. Today's Moziolla idiot is tomorrows cloud idiot. If that's not the case already.

3
0

At least it appears they were up front and open

A bit better than some other companies out there....

1
0
Unhappy

I, like Larry, wondered if it was a phishing trip...

silly sods...

0
0
Paris Hilton

...that feeling

I now have Ad-Aware pro on my machine, free. It's a regularly offered special, I had to go to the right sites...and I may have been phished. What a thought (however, as I said, it's a regular year-end special for subscribers to...eh...something).

--Glenn

0
0
Flame

Well that's fine . . .

Fine except for the probably thousands of accounts that use the same name and password EVERYWHERE.

1
0
Thumb Up

Same here

Exactomundo!

The dumb-asses!

"Oh, they're only old passwords ..." indeed!

0
0
Happy

Relax guys...

Even though weaknesses have been found in MD5 it doesn't mean that Joe Blow can feasibly extract the plaintext password from the hashes that were inadverently posted.

If you think you can, please tell me what plaintext I used for this hash: "0f0d334af847f44e9611204ed72275d0". I'll even tell you it's 14 characters plain english, no funny capitalization.

0
0
This topic is closed for new posts.

Forums