Ubisoft accounts hacked?

[smackababy]

I hope ubisoft isn't keeping unhashed passwords in their system.

Unhashed and unsalted. That is how we do it in big companies!

 

[aigomorla]

I am thoroughly pissed you even had to explain this

Now share your internet wisdom with others!

i dont think he means it that way.

i think he's saying its a no brainer choice... everyone should already know to do this.

Personally i never change my PW via link unless i spoke with CS.
And if its a request like this, i'll typically call in customer support and verify the email is real.

No staff or anyone should ask for personal information via link/Instant Message/Personal Message.
Its setting yourself to get hacked.

Even if an AT staff asks for information via PM (which we dont under most situations), id CC a Admin with your response incase that staff's account got hacked.

 

[Aikouka]

Random Keepass generated passwords for all my major accounts now. The lack of security in corporate America is just ridiculous anymore.

The problem is when you don't have software support to enter these each time, or you may need to enter them elsewhere. For example, if I want to make a quick purchase at Amazon at work, it's quite the pain to pull out my phone just to open KyPass (have to type in my long key database password too) and get the password.

 

[Fallen Kell]

I hope ubisoft isn't keeping unhashed passwords in their system.

They were hashed. However, CPU power is so great today that many hashes have already been solved and a simple lookup table for your password is all that is between you and the hackers. Even if the particular hash has not been solved, because of the previously mentioned hash tables, the search space for your password has already been limited by millions of combinations from known hashes, and brute forcing the rest really only takes minutes for most hash algorithms.