notice of compromised passwords
MacBook pro 16inch OS Monterey. I have been getting pop up notices telling me some of my passwords are part of a data leak. Not sure if this is valid or a scam
MacBook Pro 16″, macOS 12.1
You can make a difference in the Apple Support Community!
When you sign up with your Apple Account, you can provide valuable feedback to other community members by upvoting helpful replies and User Tips.
When you sign up with your Apple Account, you can provide valuable feedback to other community members by upvoting helpful replies and User Tips.
MacBook pro 16inch OS Monterey. I have been getting pop up notices telling me some of my passwords are part of a data leak. Not sure if this is valid or a scam
MacBook Pro 16″, macOS 12.1
This just happened to my dad on his iPhone. It mentions over a dozen accounts with probably 3-5 unique passwords between them all. Everything from PayPal, Venmo, credit cards, to Toast and Hoopla.
Are you saying the notification is really just a password strength warning? They make it appear his whole digital existence has been leaked!
Thanks for your help!
It's valid.
All it is telling you is you have a password that matches those found in some data leak somewhere. It doesn't mean that your specific username and that password were found.
But, that list of leaked passwords will find its way to the list of known passwords to use in a dictionary attack (brute force).
It is essentially advising you that the password may not be very strong anymore.
I suspected something like that, but was looking for some confirmation. Thanks
Are you saying the notification is really just a password strength warning?
No.
They make it appear his whole digital existence has been leaked!
The password was found in a data leak. It doesn't mean that his account that used that password was found in the data leak. Just the same password he is using was found.
I don't know what Hoopla is, but all the rest I don't imagine even store your password. No website should ever store the text of your password. They should store some form of salted hash of the password from which the actual password cannot be recovered. If you ever use a site that will offer to recover your lost password, you should never do anything with that site.
notice of compromised passwords