I really suggest if you see your email in this list to change your github password. I have seen my account in this list along with the name of the companies I am member of in Github.
I tested 3-4 other accounts and all of them are valid credentials for github.com
I am still testing several accounts, more than 90% are legit accounts that didn't changed password yet. Among the accounts I did find companies such as Microsoft, General Electric, EpicGames and more.
Kind of off topic, but doesn't github and other big companies use a services that automatically emails the owner and/or resets their password when their account information shows up on pastebin?
I received emails from https://rbnhd.com/ & https://changepassword.nu/ and found those emails on my spam folder (gmail). The emails were saying that my password was leaked. I never subscribed on any of the above services.
16 comments
[ 3.2 ms ] story [ 56.7 ms ] threadAnd given these characteristics, chances are the hash was already in someones rainbow tables.
Better yet, now notice that the letters come from a set of four! That reduces the search space even more!
Ridiculous argument.
I beg to differ:
http://www.ijicic.org/ijicic-10-09032.pdf
So why are the accounts still up?
Is there a service monitoring pastebin etc. for an individual's email account?