X
Nhấn vào đây để đến phiên bản di động của trang web.

Diễn đàn trợ giúp

Problem with well-intended aspect of Monitor. I had a data breach despite excellent habits. I can't change every password!

Được đăng

I am so sick of Google, I decided to give Firefox a try again. For the first time, it offered me Monitor, which demonstrated I have suffered a data breach, apparently at multiple sites, and they have all gotten hold of the same one of my passwords. Even though I suspect Y'all are aware that the breach was not my doing, Firefox is set up to treat me like an idiot after the fact, going into detail about safe passwords and using password manager apps--the whole thing about not using one password for multiple sites and all that, which I've been aware of and responded to cautiously and reliably for about the last fifteen years, of about twenty that I've been online.

The problem is that I am very internet savvy, so that info, as helpful as it is meant to be, is useless to me and a bit offensive. I have been using LastPass for about the last five years. I have nearly 300 unique passwords. It is useless to me to be told that some strangers have access to one of my nearly 300 passwords. What am I supposed to do with that information, change all my passwords? Why did they not provide me the password that was part of the breach, so I can hunt it down and change it? Right now, all it's done is set me up to worry, when in fact, the forces that absconded with my data, presumably as part of huge data breaches involving major companies, probably have no interest in me whatsoever! I think presenting things in this manner, as well meant as it may have been, is a bit irresponsible and condescending. Not everyone out here is an idiot, even if we may not be computer techs. Is there any way I can learn which of my many passwords was part of this breach? What else am I supposed to do with this info, when I already have unique passwords for all of my many accounts and I use a password manager?

I mean no offense in presenting my frustration and understand you all are volunteers and not responsible for the problems as I have outlined them. I hope someone can help me sort this out.

I am so sick of Google, I decided to give Firefox a try again. For the first time, it offered me Monitor, which demonstrated I have suffered a data breach, apparently at multiple sites, and they have all gotten hold of the same one of my passwords. Even though I suspect Y'all are aware that the breach was not my doing, Firefox is set up to treat me like an idiot after the fact, going into detail about safe passwords and using password manager apps--the whole thing about not using one password for multiple sites and all that, which I've been aware of and responded to cautiously and reliably for about the last fifteen years, of about twenty that I've been online. The problem is that I am very internet savvy, so that info, as helpful as it is meant to be, is useless to me and a bit offensive. I have been using LastPass for about the last five years. I have nearly 300 unique passwords. It is useless to me to be told that some strangers have access to one of my nearly 300 passwords. What am I supposed to do with that information, change all my passwords? Why did they not provide me the password that was part of the breach, so I can hunt it down and change it? Right now, all it's done is set me up to worry, when in fact, the forces that absconded with my data, presumably as part of huge data breaches involving major companies, probably have no interest in me whatsoever! I think presenting things in this manner, as well meant as it may have been, is a bit irresponsible and condescending. Not everyone out here is an idiot, even if we may not be computer techs. Is there any way I can learn which of my many passwords was part of this breach? What else am I supposed to do with this info, when I already have unique passwords for all of my many accounts and I use a password manager? I mean no offense in presenting my frustration and understand you all are volunteers and not responsible for the problems as I have outlined them. I hope someone can help me sort this out.

Giải pháp được chọn

As a footnote, Mozilla does not receive the details of data associated with your email address that may have been held by a website or data broker. Monitor can provide general information about the types of information that were discovered (or confessed to) in the leaked data, but that doesn't necessarily mean the site/broker had all that data for every address it held.

If you weren't a MySpace user, the company might captured your email address when extracting a "friend's" address book contents. But they might not know anything else -- why would they? -- and in that case there's no action required.

Unfortunately (?), Monitor can't know your specific relationship to the companies that suffer breaches, so you see the same thing a MySpace user sees.

Đọc câu trả lời này trong ngữ cảnh 1
Trích dẫn

Chi tiết hệ thống bổ sung

Phần bổ trợ đã cài đặt

  • Shockwave Flash 27.0 r0

Ứng dụng

  • Firefox 68.0
  • Chuỗi đại diện người dùng: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:68.0) Gecko/20100101 Firefox/68.0
  • URL hỗ trợ: https://support.mozilla.org/1/firefox/68.0/WINNT/en-US/

Tiện ích mở rộng

  • Amazon.com 1.1 (amazondotcom@search.mozilla.org)
  • Bing 1.0 (bing@search.mozilla.org)
  • DuckDuckGo 1.0 (ddg@search.mozilla.org)
  • eBay 1.0 (ebay@search.mozilla.org)
  • ETP Search Volume Study 1.2 (etp-search-volume-study@shield.mozilla.org)
  • Google 1.0 (google@search.mozilla.org)
  • LastPass: Free Password Manager 4.29.0.4 (support@lastpass.com)
  • McAfee® WebAdvisor 7.0.0.27772 ({4ED1F68A-5463-4931-9384-8FFF5ED91D92})
  • TrackOFF 1.8 (jid1-fdeTnCw8ZR5F0Q@jetpack)
  • Twitter 1.0 (twitter@search.mozilla.org)
  • Wikipedia (en) 1.0 (wikipedia@search.mozilla.org)
  • Unbranded Search Test 0.9 (unbrandedsearchtest132@mozilla.com) (không hoạt động)

Javascript

  • incrementalGCEnabled: True

Đồ họa

  • adapterDescription: Intel(R) HD Graphics 4600
  • adapterDescription2:
  • adapterDeviceID: 0x0412
  • adapterDeviceID2:
  • adapterDrivers: igdumdim64 igd10iumd64 igd10iumd64 igd12umd64 igdumdim32 igd10iumd32 igd10iumd32 igd12umd32
  • adapterDrivers2:
  • adapterRAM: Unknown
  • adapterRAM2:
  • adapterSubsysID: 06221028
  • adapterSubsysID2:
  • adapterVendorID: 0x8086
  • adapterVendorID2:
  • clearTypeParameters: Gamma: 1.8 Pixel Structure: RGB ClearType Level: 100 Enhanced Contrast: 50
  • contentUsesTiling: False
  • crashGuards: []
  • direct2DEnabled: True
  • directWriteEnabled: True
  • directWriteVersion: 10.0.17763.615
  • driverDate: 9-29-2016
  • driverDate2:
  • driverVendor:
  • driverVendor2:
  • driverVersion: 20.19.15.4531
  • driverVersion2:
  • featureLog: {u'fallbacks': [], u'features': [{u'status': u'available', u'description': u'Compositing', u'log': [{u'status': u'available', u'type': u'default'}], u'name': u'HW_COMPOSITING'}, {u'status': u'available', u'description': u'Direct3D11 Compositing', u'log': [{u'status': u'available', u'type': u'default'}], u'name': u'D3D11_COMPOSITING'}, {u'status': u'available', u'description': u'Direct2D', u'log': [{u'status': u'available', u'type': u'default'}], u'name': u'DIRECT2D'}, {u'status': u'available', u'description': u'Direct3D11 hardware ANGLE', u'log': [{u'status': u'available', u'type': u'default'}], u'name': u'D3D11_HW_ANGLE'}, {u'status': u'available', u'description': u'GPU Process', u'log': [{u'status': u'available', u'type': u'default'}], u'name': u'GPU_PROCESS'}, {u'status': u'opt-in', u'description': u'WebRender', u'log': [{u'status': u'opt-in', u'message': u'WebRender is an opt-in feature', u'type': u'default'}], u'name': u'WEBRENDER'}, {u'status': u'blocked-vendor-unsupported', u'description': u'WebRender qualified', u'log': [{u'status': u'available', u'type': u'default'}, {u'status': u'blocked-vendor-unsupported', u'message': u'Unsupported vendor', u'type': u'env'}], u'name': u'WEBRENDER_QUALIFIED'}, {u'status': u'available', u'description': u'Off Main Thread Painting', u'log': [{u'status': u'available', u'type': u'default'}], u'name': u'OMTP'}, {u'status': u'available', u'description': u'Advanced Layers', u'log': [{u'status': u'available', u'type': u'default'}], u'name': u'ADVANCED_LAYERS'}]}
  • info: {u'AzureContentBackend (UI Process)': u'skia', u'AzureCanvasBackend (UI Process)': u'skia', u'ApzWheelInput': 1, u'ApzDragInput': 1, u'ApzKeyboardInput': 1, u'AzureFallbackCanvasBackend (UI Process)': u'cairo', u'ApzAutoscrollInput': 1, u'AzureCanvasBackend': u'direct2d 1.1', u'AzureContentBackend': u'direct2d 1.1'}
  • isGPU2Active: False
  • numAcceleratedWindows: 1
  • numTotalWindows: 1
  • offMainThreadPaintEnabled: True
  • offMainThreadPaintWorkerCount: 3
  • targetFrameRate: 60
  • usesTiling: False
  • webgl1DriverExtensions: GL_ANGLE_client_arrays GL_ANGLE_depth_texture GL_ANGLE_explicit_context GL_ANGLE_explicit_context_gles1 GL_ANGLE_framebuffer_blit GL_ANGLE_framebuffer_multisample GL_ANGLE_instanced_arrays GL_ANGLE_lossy_etc_decode GL_ANGLE_memory_size GL_ANGLE_multi_draw GL_ANGLE_multiview_multisample GL_ANGLE_pack_reverse_row_order GL_ANGLE_program_cache_control GL_ANGLE_provoking_vertex GL_ANGLE_request_extension GL_ANGLE_robust_client_memory GL_ANGLE_texture_compression_dxt3 GL_ANGLE_texture_compression_dxt5 GL_ANGLE_texture_usage GL_ANGLE_translated_shader_source GL_CHROMIUM_bind_generates_resource GL_CHROMIUM_bind_uniform_location GL_CHROMIUM_color_buffer_float_rgb GL_CHROMIUM_color_buffer_float_rgba GL_CHROMIUM_copy_compressed_texture GL_CHROMIUM_copy_texture GL_CHROMIUM_sync_query GL_EXT_blend_func_extended GL_EXT_blend_minmax GL_EXT_color_buffer_half_float GL_EXT_debug_marker GL_EXT_discard_framebuffer GL_EXT_disjoint_timer_query GL_EXT_draw_buffers GL_EXT_float_blend GL_EXT_frag_depth GL_EXT_instanced_arrays GL_EXT_map_buffer_range GL_EXT_occlusion_query_boolean GL_EXT_read_format_bgra GL_EXT_robustness GL_EXT_sRGB GL_EXT_shader_texture_lod GL_EXT_texture_compression_bptc GL_EXT_texture_compression_dxt1 GL_EXT_texture_compression_s3tc_srgb GL_EXT_texture_filter_anisotropic GL_EXT_texture_format_BGRA8888 GL_EXT_texture_rg GL_EXT_texture_storage GL_EXT_unpack_subimage GL_KHR_debug GL_KHR_parallel_shader_compile GL_KHR_robust_buffer_access_behavior GL_NV_EGL_stream_consumer_external GL_NV_fence GL_NV_pack_subimage GL_NV_pixel_buffer_object GL_OES_EGL_image GL_OES_EGL_image_external GL_OES_compressed_ETC1_RGB8_texture GL_OES_depth32 GL_OES_element_index_uint GL_OES_get_program_binary GL_OES_mapbuffer GL_OES_packed_depth_stencil GL_OES_rgb8_rgba8 GL_OES_standard_derivatives GL_OES_surfaceless_context GL_OES_texture_border_clamp GL_OES_texture_float GL_OES_texture_float_linear GL_OES_texture_half_float GL_OES_texture_half_float_linear GL_OES_texture_npot GL_OES_vertex_array_object OES_compressed_EAC_R11_signed_texture OES_compressed_EAC_R11_unsigned_texture OES_compressed_EAC_RG11_signed_texture OES_compressed_EAC_RG11_unsigned_texture OES_compressed_ETC2_RGB8_texture OES_compressed_ETC2_RGBA8_texture OES_compressed_ETC2_punchthroughA_RGBA8_texture OES_compressed_ETC2_punchthroughA_sRGB8_alpha_texture OES_compressed_ETC2_sRGB8_alpha8_texture OES_compressed_ETC2_sRGB8_texture
  • webgl1Extensions: ANGLE_instanced_arrays EXT_blend_minmax EXT_color_buffer_half_float EXT_disjoint_timer_query EXT_float_blend EXT_frag_depth EXT_shader_texture_lod EXT_sRGB EXT_texture_compression_bptc EXT_texture_filter_anisotropic OES_element_index_uint OES_standard_derivatives OES_texture_float OES_texture_float_linear OES_texture_half_float OES_texture_half_float_linear OES_vertex_array_object WEBGL_color_buffer_float WEBGL_compressed_texture_s3tc WEBGL_compressed_texture_s3tc_srgb WEBGL_debug_renderer_info WEBGL_debug_shaders WEBGL_depth_texture WEBGL_draw_buffers WEBGL_lose_context
  • webgl1Renderer: Google Inc. -- ANGLE (Intel(R) HD Graphics 4600 Direct3D11 vs_5_0 ps_5_0)
  • webgl1Version: OpenGL ES 2.0 (ANGLE 2.1.0.8a050090f926)
  • webgl1WSIInfo: EGL_VENDOR: Google Inc. (adapter LUID: 000000000000df82) EGL_VERSION: 1.4 (ANGLE 2.1.0.8a050090f926) EGL_EXTENSIONS: EGL_EXT_create_context_robustness EGL_ANGLE_d3d_share_handle_client_buffer EGL_ANGLE_d3d_texture_client_buffer EGL_ANGLE_surface_d3d_texture_2d_share_handle EGL_ANGLE_query_surface_pointer EGL_ANGLE_window_fixed_size EGL_ANGLE_keyed_mutex EGL_ANGLE_surface_orientation EGL_ANGLE_direct_composition EGL_NV_post_sub_buffer EGL_KHR_create_context EGL_EXT_device_query EGL_KHR_image EGL_KHR_image_base EGL_KHR_gl_texture_2D_image EGL_KHR_gl_texture_cubemap_image EGL_KHR_gl_renderbuffer_image EGL_KHR_get_all_proc_addresses EGL_KHR_stream EGL_KHR_stream_consumer_gltexture EGL_NV_stream_consumer_gltexture_yuv EGL_ANGLE_flexible_surface_compatibility EGL_ANGLE_stream_producer_d3d_texture EGL_ANGLE_create_context_webgl_compatibility EGL_CHROMIUM_create_context_bind_generates_resource EGL_CHROMIUM_sync_control EGL_EXT_pixel_format_float EGL_KHR_surfaceless_context EGL_ANGLE_display_texture_share_group EGL_ANGLE_create_context_client_arrays EGL_ANGLE_program_cache_control EGL_ANGLE_robust_resource_initialization EGL_ANGLE_create_context_extensions_enabled EGL_ANDROID_blob_cache EGL_ANDROID_recordable EGL_EXTENSIONS(nullptr): EGL_EXT_client_extensions EGL_EXT_platform_base EGL_EXT_platform_device EGL_ANGLE_platform_angle EGL_ANGLE_platform_angle_d3d EGL_ANGLE_device_creation EGL_ANGLE_device_creation_d3d11 EGL_ANGLE_experimental_present_path EGL_KHR_client_get_all_proc_addresses EGL_KHR_debug EGL_ANGLE_explicit_context
  • webgl2DriverExtensions: GL_ANGLE_client_arrays GL_ANGLE_copy_texture_3d GL_ANGLE_depth_texture GL_ANGLE_explicit_context GL_ANGLE_explicit_context_gles1 GL_ANGLE_framebuffer_blit GL_ANGLE_framebuffer_multisample GL_ANGLE_instanced_arrays GL_ANGLE_lossy_etc_decode GL_ANGLE_memory_size GL_ANGLE_multi_draw GL_ANGLE_multiview_multisample GL_ANGLE_pack_reverse_row_order GL_ANGLE_program_cache_control GL_ANGLE_provoking_vertex GL_ANGLE_request_extension GL_ANGLE_robust_client_memory GL_ANGLE_texture_compression_dxt3 GL_ANGLE_texture_compression_dxt5 GL_ANGLE_texture_multisample GL_ANGLE_texture_usage GL_ANGLE_translated_shader_source GL_CHROMIUM_bind_generates_resource GL_CHROMIUM_bind_uniform_location GL_CHROMIUM_color_buffer_float_rgb GL_CHROMIUM_color_buffer_float_rgba GL_CHROMIUM_copy_compressed_texture GL_CHROMIUM_copy_texture GL_CHROMIUM_sync_query GL_EXT_blend_func_extended GL_EXT_blend_minmax GL_EXT_color_buffer_float GL_EXT_color_buffer_half_float GL_EXT_debug_marker GL_EXT_discard_framebuffer GL_EXT_disjoint_timer_query GL_EXT_draw_buffers GL_EXT_float_blend GL_EXT_frag_depth GL_EXT_instanced_arrays GL_EXT_map_buffer_range GL_EXT_occlusion_query_boolean GL_EXT_read_format_bgra GL_EXT_robustness GL_EXT_sRGB GL_EXT_shader_texture_lod GL_EXT_texture_compression_bptc GL_EXT_texture_compression_dxt1 GL_EXT_texture_compression_s3tc_srgb GL_EXT_texture_filter_anisotropic GL_EXT_texture_format_BGRA8888 GL_EXT_texture_norm16 GL_EXT_texture_rg GL_EXT_texture_storage GL_EXT_unpack_subimage GL_KHR_debug GL_KHR_parallel_shader_compile GL_KHR_robust_buffer_access_behavior GL_NV_EGL_stream_consumer_external GL_NV_fence GL_NV_pack_subimage GL_NV_pixel_buffer_object GL_OES_EGL_image GL_OES_EGL_image_external GL_OES_EGL_image_external_essl3 GL_OES_compressed_ETC1_RGB8_texture GL_OES_depth32 GL_OES_element_index_uint GL_OES_get_program_binary GL_OES_mapbuffer GL_OES_packed_depth_stencil GL_OES_rgb8_rgba8 GL_OES_standard_derivatives GL_OES_surfaceless_context GL_OES_texture_border_clamp GL_OES_texture_float GL_OES_texture_float_linear GL_OES_texture_half_float GL_OES_texture_half_float_linear GL_OES_texture_npot GL_OES_vertex_array_object GL_OVR_multiview2 OES_compressed_EAC_R11_signed_texture OES_compressed_EAC_R11_unsigned_texture OES_compressed_EAC_RG11_signed_texture OES_compressed_EAC_RG11_unsigned_texture OES_compressed_ETC2_RGB8_texture OES_compressed_ETC2_RGBA8_texture OES_compressed_ETC2_punchthroughA_RGBA8_texture OES_compressed_ETC2_punchthroughA_sRGB8_alpha_texture OES_compressed_ETC2_sRGB8_alpha8_texture OES_compressed_ETC2_sRGB8_texture
  • webgl2Extensions: EXT_color_buffer_float EXT_disjoint_timer_query EXT_float_blend EXT_texture_compression_bptc EXT_texture_filter_anisotropic OES_texture_float_linear WEBGL_compressed_texture_s3tc WEBGL_compressed_texture_s3tc_srgb WEBGL_debug_renderer_info WEBGL_debug_shaders WEBGL_lose_context
  • webgl2Renderer: Google Inc. -- ANGLE (Intel(R) HD Graphics 4600 Direct3D11 vs_5_0 ps_5_0)
  • webgl2Version: OpenGL ES 3.0 (ANGLE 2.1.0.8a050090f926)
  • webgl2WSIInfo: EGL_VENDOR: Google Inc. (adapter LUID: 000000000000df82) EGL_VERSION: 1.4 (ANGLE 2.1.0.8a050090f926) EGL_EXTENSIONS: EGL_EXT_create_context_robustness EGL_ANGLE_d3d_share_handle_client_buffer EGL_ANGLE_d3d_texture_client_buffer EGL_ANGLE_surface_d3d_texture_2d_share_handle EGL_ANGLE_query_surface_pointer EGL_ANGLE_window_fixed_size EGL_ANGLE_keyed_mutex EGL_ANGLE_surface_orientation EGL_ANGLE_direct_composition EGL_NV_post_sub_buffer EGL_KHR_create_context EGL_EXT_device_query EGL_KHR_image EGL_KHR_image_base EGL_KHR_gl_texture_2D_image EGL_KHR_gl_texture_cubemap_image EGL_KHR_gl_renderbuffer_image EGL_KHR_get_all_proc_addresses EGL_KHR_stream EGL_KHR_stream_consumer_gltexture EGL_NV_stream_consumer_gltexture_yuv EGL_ANGLE_flexible_surface_compatibility EGL_ANGLE_stream_producer_d3d_texture EGL_ANGLE_create_context_webgl_compatibility EGL_CHROMIUM_create_context_bind_generates_resource EGL_CHROMIUM_sync_control EGL_EXT_pixel_format_float EGL_KHR_surfaceless_context EGL_ANGLE_display_texture_share_group EGL_ANGLE_create_context_client_arrays EGL_ANGLE_program_cache_control EGL_ANGLE_robust_resource_initialization EGL_ANGLE_create_context_extensions_enabled EGL_ANDROID_blob_cache EGL_ANDROID_recordable EGL_EXTENSIONS(nullptr): EGL_EXT_client_extensions EGL_EXT_platform_base EGL_EXT_platform_device EGL_ANGLE_platform_angle EGL_ANGLE_platform_angle_d3d EGL_ANGLE_device_creation EGL_ANGLE_device_creation_d3d11 EGL_ANGLE_experimental_present_path EGL_KHR_client_get_all_proc_addresses EGL_KHR_debug EGL_ANGLE_explicit_context
  • windowLayerManagerRemote: True
  • windowLayerManagerType: Direct3D 11
  • windowUsingAdvancedLayers: True

Thay đổi cài đặt

Linh tinh

  • Người dùng JS: Không
  • Có thể tiếp cận: Không
Tyler Downer
  • Top 25 Contributor
  • Moderator
1538 giải pháp 10733 câu trả lời
Được đăng

If you have unique passwords on each website, then you know how to mitigate the risk. This isn't a problem with Monitor. most users re-use passwords, and so knowing when one is breached is useful information.

If you have unique passwords on each website, then you know how to mitigate the risk. This isn't a problem with Monitor. most users re-use passwords, and so knowing when one is breached is useful information.
Bài viết này có hữu ích với bạn không? 1
Trích dẫn
stephenlloydhelper 0 giải pháp 2 câu trả lời
Được đăng

rsredden said

I am so sick of Google, I decided to give Firefox a try again. For the first time, it offered me Monitor, which demonstrated I have suffered a data breach, apparently at multiple sites, and they have all gotten hold of the same one of my passwords. Even though I suspect Y'all are aware that the breach was not my doing, Firefox is set up to treat me like an idiot after the fact, going into detail about safe passwords and using password manager apps--the whole thing about not using one password for multiple sites and all that, which I've been aware of and responded to cautiously and reliably for about the last fifteen years, of about twenty that I've been online. The problem is that I am very internet savvy, so that info, as helpful as it is meant to be, is useless to me and a bit offensive. I have been using LastPass for about the last five years. I have nearly 300 unique passwords. It is useless to me to be told that some strangers have access to one of my nearly 300 passwords. What am I supposed to do with that information, change all my passwords? Why did they not provide me the password that was part of the breach, so I can hunt it down and change it? Right now, all it's done is set me up to worry, when in fact, the forces that absconded with my data, presumably as part of huge data breaches involving major companies, probably have no interest in me whatsoever! I think presenting things in this manner, as well meant as it may have been, is a bit irresponsible and condescending. Not everyone out here is an idiot, even if we may not be computer techs. Is there any way I can learn which of my many passwords was part of this breach? What else am I supposed to do with this info, when I already have unique passwords for all of my many accounts and I use a password manager? I mean no offense in presenting my frustration and understand you all are volunteers and not responsible for the problems as I have outlined them. I hope someone can help me sort this out.

I completely agree. And there seems to have been no reply from Mozilla that makes any sense. The notification of breaches is very worrying and then we are presented with no specific options. Like you say, change WHICH passwords?! C'mon Firefox, life your game here.

''rsredden [[#question-1264829|said]]'' <blockquote> I am so sick of Google, I decided to give Firefox a try again. For the first time, it offered me Monitor, which demonstrated I have suffered a data breach, apparently at multiple sites, and they have all gotten hold of the same one of my passwords. Even though I suspect Y'all are aware that the breach was not my doing, Firefox is set up to treat me like an idiot after the fact, going into detail about safe passwords and using password manager apps--the whole thing about not using one password for multiple sites and all that, which I've been aware of and responded to cautiously and reliably for about the last fifteen years, of about twenty that I've been online. The problem is that I am very internet savvy, so that info, as helpful as it is meant to be, is useless to me and a bit offensive. I have been using LastPass for about the last five years. I have nearly 300 unique passwords. It is useless to me to be told that some strangers have access to one of my nearly 300 passwords. What am I supposed to do with that information, change all my passwords? Why did they not provide me the password that was part of the breach, so I can hunt it down and change it? Right now, all it's done is set me up to worry, when in fact, the forces that absconded with my data, presumably as part of huge data breaches involving major companies, probably have no interest in me whatsoever! I think presenting things in this manner, as well meant as it may have been, is a bit irresponsible and condescending. Not everyone out here is an idiot, even if we may not be computer techs. Is there any way I can learn which of my many passwords was part of this breach? What else am I supposed to do with this info, when I already have unique passwords for all of my many accounts and I use a password manager? I mean no offense in presenting my frustration and understand you all are volunteers and not responsible for the problems as I have outlined them. I hope someone can help me sort this out. </blockquote> I completely agree. And there seems to have been no reply from Mozilla that makes any sense. The notification of breaches is very worrying and then we are presented with no specific options. Like you say, change WHICH passwords?! C'mon Firefox, life your game here.
Bài viết này có hữu ích với bạn không?
Trích dẫn
stephenlloydhelper 0 giải pháp 2 câu trả lời
Được đăng

I completely agree. And there seems to have been no reply from Mozilla that makes any sense. The notification of breaches is very worrying and then we are presented with no specific options. Like you say, change WHICH passwords?! C'mon Firefox, life your game here.

I completely agree. And there seems to have been no reply from Mozilla that makes any sense. The notification of breaches is very worrying and then we are presented with no specific options. Like you say, change WHICH passwords?! C'mon Firefox, life your game here.
Bài viết này có hữu ích với bạn không?
Trích dẫn
Tyler Downer
  • Top 25 Contributor
  • Moderator
1538 giải pháp 10733 câu trả lời
Được đăng

You would change the password on the site that was breached. So if monitor told you that your account on xyz.com was breached, change that password and any other sites that use the same password.

You would change the password on the site that was breached. So if monitor told you that your account on xyz.com was breached, change that password and any other sites that use the same password.
Bài viết này có hữu ích với bạn không? 0
Trích dẫn

Người tạo câu hỏi

As I tried to make clear to you, I have several hundred internet accounts, each with its own password. I want to ask, do you think it is easy to hunt down a correct password from several hundred when you are just given a handful of the characters, but the fact is I tried very carefully to do exactly that, and I could not find it. I went through account by account, looking for those exact characters and came up empty-handed, so I am left right where I was. I know it certainly has nothing to do with any of my major accounts with which I do regular business or money handling, and I am nearly convinced there is no such account with that password--for all I know, I had other reason to change that password after the breech, so I just feel like Firefox, well-meaning as I acknowledged them to be, set me up to worry for nothing, because they aim everything at the least responsible users of the internet. I wasted a whole lot of my personal time and effort looking for something I ultimately could not find, and I don't appreciate it. I have stopped using Firefox, yet again, and I am back on Chrome.

I should let you know that you come off sounding pretty stuck up about yourself, that you took it from what I said that I didn't even know to go looking for the password with intention of replacing it. I simply wanted to know, if you had access to the password, why you offered me only a fragment of it (most of my passwords are 14 characters long, so to be certain I didn't miss it is impossible, but I can't spend the rest of my life hunting down a handful of characters in long passwords on hundreds of sites; it's just silly!).

When you are communicating with a user who has made clear that they are not inept on the internet or their computer, you should think twice before speaking to them as if they were idiots. It doesn't make you look good, regardless of how many "solutions" or "answers" you have arrived at. Thank you.

As I tried to make clear to you, I have several hundred internet accounts, each with its own password. I want to ask, do you think it is easy to hunt down a correct password from several hundred when you are just given a handful of the characters, but the fact is I tried very carefully to do exactly that, and I could not find it. I went through account by account, looking for those exact characters and came up empty-handed, so I am left right where I was. I know it certainly has nothing to do with any of my major accounts with which I do regular business or money handling, and I am nearly convinced there is no such account with that password--for all I know, I had other reason to change that password after the breech, so I just feel like Firefox, well-meaning as I acknowledged them to be, set me up to worry for nothing, because they aim everything at the least responsible users of the internet. I wasted a whole lot of my personal time and effort looking for something I ultimately could not find, and I don't appreciate it. I have stopped using Firefox, yet again, and I am back on Chrome. I should let you know that you come off sounding pretty stuck up about yourself, that you took it from what I said that I didn't even know to go looking for the password with intention of replacing it. I simply wanted to know, if you had access to the password, why you offered me only a fragment of it (most of my passwords are 14 characters long, so to be certain I didn't miss it is impossible, but I can't spend the rest of my life hunting down a handful of characters in long passwords on hundreds of sites; it's just silly!). When you are communicating with a user who has made clear that they are not inept on the internet or their computer, you should think twice before speaking to them as if they were idiots. It doesn't make you look good, regardless of how many "solutions" or "answers" you have arrived at. Thank you.
Bài viết này có hữu ích với bạn không?
Trích dẫn
Tyler Downer
  • Top 25 Contributor
  • Moderator
1538 giải pháp 10733 câu trả lời
Được đăng

Monitor doesn't tell you the password. It tells you th account that was breached. So even if you have hundreds of accounts, if monitor tells you that www.website.com was breached, you can go there and change your password.

Monitor doesn't tell you the password. It tells you th account that was breached. So even if you have hundreds of accounts, if monitor tells you that www.website.com was breached, you can go there and change your password.
Bài viết này có hữu ích với bạn không?
Trích dẫn

Người tạo câu hỏi

And the other, bigger issue is that they did not tell me what site the account was on. I could not go to any specific account to readily find the specific password as you suggest. As I clearly informed you, they only gave me a handful of characters of the password. If they had indicated the website of the account, it obviously would have been very easy to take care of, and I could only presume that that was information they did not have access to, because they did not provide it. If they know the website involved and don't provide it, that is even worse, but as it is, your condescending recommendation that we look at our account on xyz.com is absolutely useless and seems to demonstrate, that at least on this issue, you don't have a clue what you're talking about. It was so far afield of the experience, that at first I didn't even notice the period and that you had given me a generic web address, which did not fit in the picture at all, and I thought it was supposed to represent what I actually got, which, again, was just a handful of characters from the password that was filched. Thank you.

And the other, bigger issue is that they did not tell me what site the account was on. I could not go to any specific account to readily find the specific password as you suggest. As I clearly informed you, they only gave me a handful of characters of the password. If they had indicated the website of the account, it obviously would have been very easy to take care of, and I could only presume that that was information they did not have access to, because they did not provide it. If they know the website involved and don't provide it, that is even worse, but as it is, your condescending recommendation that we look at our account on xyz.com is absolutely useless and seems to demonstrate, that at least on this issue, you don't have a clue what you're talking about. It was so far afield of the experience, that at first I didn't even notice the period and that you had given me a generic web address, which did not fit in the picture at all, and I thought it was supposed to represent what I actually got, which, again, was just a handful of characters from the password that was filched. Thank you.
Bài viết này có hữu ích với bạn không?
Trích dẫn

Người tạo câu hỏi

Someone else has entered the discussion to inform me that they would have given me a website address. Both are mistaken. I do not have an account on any site that is named by five random characters and has no domain. I don't suspect anyone does (yes, I am being a wiseguy to put it that way). The note explained to me plainly that I was being provided with part of the password that had been accessed by the web criminals who took part in the breech. If I had been given a web address, I could have and would have readily control-clicked on it to find out what account it was online (as the characters provided did not suggest any website--once I found it useless, I had no reason to store it or remember it, but it was something like #akL0 and looked very much like a small chunk of one of my dear LastPass passwords), and that was plainly not an option. Anyway, I'm done with y'all. I like the idea of Firefox, but every time I try to give it a try, something turns me off, and you've done it again. Thank you.

Someone else has entered the discussion to inform me that they would have given me a website address. Both are mistaken. I do not have an account on any site that is named by five random characters and has no domain. I don't suspect anyone does (yes, I am being a wiseguy to put it that way). The note explained to me plainly that I was being provided with part of the password that had been accessed by the web criminals who took part in the breech. If I had been given a web address, I could have and would have readily control-clicked on it to find out what account it was online (as the characters provided did not suggest any website--once I found it useless, I had no reason to store it or remember it, but it was something like #akL0 and looked very much like a small chunk of one of my dear LastPass passwords), and that was plainly not an option. Anyway, I'm done with y'all. I like the idea of Firefox, but every time I try to give it a try, something turns me off, and you've done it again. Thank you.
Bài viết này có hữu ích với bạn không?
Trích dẫn
Tyler Downer
  • Top 25 Contributor
  • Moderator
1538 giải pháp 10733 câu trả lời
Được đăng

Are you sure you are talking about Firefox monitor? Because the website is always part of the breach. Perhaps you can share a screenshot? Monitor doesn't have access to the leaked password, it only knows the email address and the service that was breached. Not the password. So it would never have sent you 5 characters from the leaked password to begin with.

Are you sure you are talking about Firefox monitor? Because the website is always part of the breach. Perhaps you can share a screenshot? Monitor doesn't have access to the leaked password, it only knows the email address and the service that was breached. Not the password. So it would never have sent you 5 characters from the leaked password to begin with.
Bài viết này có hữu ích với bạn không?
Trích dẫn
McCoy
  • Top 10 Contributor
546 giải pháp 5143 câu trả lời
Được đăng

@ rsredden and stephenlloydhelper :

Would you please go over these frequently asked questions :

https://support.mozilla.org/en-US/kb/firefox-monitor-faq

@ rsredden and stephenlloydhelper : Would you please go over these frequently asked questions : https://support.mozilla.org/en-US/kb/firefox-monitor-faq
Bài viết này có hữu ích với bạn không?
Trích dẫn

Người tạo câu hỏi

It was long enough ago now that I don't recall all the details, but the issue arose when I reinstalled Firefox and it opened to Monitor for the first time. I do not recall if I followed the information to find the partial password somewhere else. Because it was months ago, and I no longer recall the details, I just now went on Monitor and found two separate breaches, one of which was on a site (MySpace.com) I have never used but may have been used by my two now adult sons when they were children and used my computer. We have not lived together for seven years now and probably any use of MySpace by them would have been considerably longer ago than that, and when I went to the site, LastPass failed to demonstrate my having a password for it on the computer, and I do not find it on searching my LastPass vault. The other was a site that I find online was responsible for hundreds of millions of data breaches (verification.io), and I am certain I never had reason to have an account with such an organization. It is described as having been an "email marketing company," and I don't even know what that means, but I certainly never had reason to seek assistance from one. After what I read, I feared going to that site, but I opened LastPass and again found no evidence of any such account and no password for it. It leaves me in the same position of wondering what on earth I'm supposed to do with this information, how on earth I suffered a data breach by these two companies that have never been part of my computer activity (at least not intentionally), and how I can protect myself from data breaches by companies I have no reason to believe I ever used directly and have no evidence of ever having had an account with.

It was long enough ago now that I don't recall all the details, but the issue arose when I reinstalled Firefox and it opened to Monitor for the first time. I do not recall if I followed the information to find the partial password somewhere else. Because it was months ago, and I no longer recall the details, I just now went on Monitor and found two separate breaches, one of which was on a site (MySpace.com) I have never used but may have been used by my two now adult sons when they were children and used my computer. We have not lived together for seven years now and probably any use of MySpace by them would have been considerably longer ago than that, and when I went to the site, LastPass failed to demonstrate my having a password for it on the computer, and I do not find it on searching my LastPass vault. The other was a site that I find online was responsible for hundreds of millions of data breaches (verification.io), and I am certain I never had reason to have an account with such an organization. It is described as having been an "email marketing company," and I don't even know what that means, but I certainly never had reason to seek assistance from one. After what I read, I feared going to that site, but I opened LastPass and again found no evidence of any such account and no password for it. It leaves me in the same position of wondering what on earth I'm supposed to do with this information, how on earth I suffered a data breach by these two companies that have never been part of my computer activity (at least not intentionally), and how I can protect myself from data breaches by companies I have no reason to believe I ever used directly and have no evidence of ever having had an account with.
Bài viết này có hữu ích với bạn không?
Trích dẫn
Tyler Downer
  • Top 25 Contributor
  • Moderator
1538 giải pháp 10733 câu trả lời
Được đăng

Ah, so you've run into a case of a website that scrapes e-mails being hacked.

You can read about that specific breach at https://monitor.firefox.com/breach-details/VerificationsIO

Basically, yes, not all websites that are hacked contained data you gave them. Some websites collect data, and then sell it to other parties. There isn't anything specific you can do about that breach, but you can make sure that any websites that use that e-mail address have new passwords.

Ah, so you've run into a case of a website that scrapes e-mails being hacked. You can read about that specific breach at https://monitor.firefox.com/breach-details/VerificationsIO Basically, yes, not all websites that are hacked contained data you gave them. Some websites collect data, and then sell it to other parties. There isn't anything specific you can do about that breach, but you can make sure that any websites that use that e-mail address have new passwords.
Bài viết này có hữu ích với bạn không?
Trích dẫn
jscher2000
  • Top 10 Contributor
8789 giải pháp 71880 câu trả lời
Được đăng

Giải pháp được chọn

As a footnote, Mozilla does not receive the details of data associated with your email address that may have been held by a website or data broker. Monitor can provide general information about the types of information that were discovered (or confessed to) in the leaked data, but that doesn't necessarily mean the site/broker had all that data for every address it held.

If you weren't a MySpace user, the company might captured your email address when extracting a "friend's" address book contents. But they might not know anything else -- why would they? -- and in that case there's no action required.

Unfortunately (?), Monitor can't know your specific relationship to the companies that suffer breaches, so you see the same thing a MySpace user sees.

As a footnote, Mozilla does not receive the details of data associated with your email address that may have been held by a website or data broker. Monitor can provide general information about the types of information that were discovered (or confessed to) in the leaked data, but that doesn't necessarily mean the site/broker had all that data for every address it held. If you weren't a MySpace user, the company might captured your email address when extracting a "friend's" address book contents. But they might not know anything else -- why would they? -- and in that case there's no action required. Unfortunately (?), Monitor can't know your specific relationship to the companies that suffer breaches, so you see the same thing a MySpace user sees.
Bài viết này có hữu ích với bạn không? 1
Trích dẫn

Người tạo câu hỏi

Finally, an answer that makes sense to me. If a contact had my email address swiped from them, then it could make sense for my email address to be associated with sites I've had no direct contact with, through whatever else they extracted from the contacts device. I can understand, in that context, that as I wanted to presume, I have nothing to worry about and it makes perfect sense that I would not find either site among my accounts in what is known to be a very reliable password manager, when I went through account by account. Unfortunately, in terms of the entire discussion, I no longer have a clue what agency decided it made sense to give me a few characters from a password, and their having done that without giving me an associated web address really strikes me as absurd, but I now suspect even more securely that it was not one of my passwords to begin with. Unfortunately, it started with a message from Firefox, and after following it through the rabbit hole, I lost track of what info came to me from where, and my brain only recalled the connection to Firefox. Anyway, thank you.

Finally, an answer that makes sense to me. If a contact had my email address swiped from them, then it could make sense for my email address to be associated with sites I've had no direct contact with, through whatever else they extracted from the contacts device. I can understand, in that context, that as I wanted to presume, I have nothing to worry about and it makes perfect sense that I would not find either site among my accounts in what is known to be a very reliable password manager, when I went through account by account. Unfortunately, in terms of the entire discussion, I no longer have a clue what agency decided it made sense to give me a few characters from a password, and their having done that without giving me an associated web address really strikes me as absurd, but I now suspect even more securely that it was not one of my passwords to begin with. Unfortunately, it started with a message from Firefox, and after following it through the rabbit hole, I lost track of what info came to me from where, and my brain only recalled the connection to Firefox. Anyway, thank you.
Bài viết này có hữu ích với bạn không?
Trích dẫn
jscher2000
  • Top 10 Contributor
8789 giải pháp 71880 câu trả lời
Được đăng

Câu trả lời hữu ích

While it probably doesn't warrant spending any time on this one, if you ever see someone claiming to have and show a part of your password, they might be trying to cash in on breach data purchased on the dark web. I definitely wouldn't trust them to do anything helpful!

While it probably doesn't warrant spending any time on this one, if you ever see someone claiming to have and show a part of your password, they might be trying to cash in on breach data purchased on the dark web. I definitely wouldn't trust them to do anything helpful!
Bài viết này có hữu ích với bạn không? 1
Trích dẫn

Người tạo câu hỏi

Thank you. That is a useful thought.

Thank you. That is a useful thought.
Bài viết này có hữu ích với bạn không?
Trích dẫn
Jackie Flash 0 giải pháp 1 câu trả lời
Được đăng

Tyler Downer said

If you have unique passwords on each website, then you know how to mitigate the risk. This isn't a problem with Monitor. most users re-use passwords, and so knowing when one is breached is useful information.

The problem I have is Monitor is not telling me Which password was breached.

What exactly is the benefit of knowing that some site somewhere that I don't recognize has managed to obtain my email address and unknown password? Seriously...what do you expect me to do with this information? Are you advising me to change EVERY password I have?

''Tyler Downer [[#answer-1237968|said]]'' <blockquote> If you have unique passwords on each website, then you know how to mitigate the risk. This isn't a problem with Monitor. most users re-use passwords, and so knowing when one is breached is useful information. </blockquote> The problem I have is Monitor is not telling me Which password was breached. What exactly is the benefit of knowing that some site somewhere that I don't recognize has managed to obtain my email address and unknown password? Seriously...what do you expect me to do with this information? Are you advising me to change EVERY password I have?
Bài viết này có hữu ích với bạn không?
Trích dẫn
jscher2000
  • Top 10 Contributor
8789 giải pháp 71880 câu trả lời
Được đăng

Hi Jackie, Mozilla's data provider doesn't send Mozilla the passwords (if any) associated with the email address. That would create the risk of further spreading the information. I agree it's not practical to change a dozen passwords every time a mailing list or tracking database leaks; if there isn't a link to a particular account, you might not want to change your usual schedule of changing your passwords from time to time.

Hi Jackie, Mozilla's data provider doesn't send Mozilla the passwords (if any) associated with the email address. That would create the risk of further spreading the information. I agree it's not practical to change a dozen passwords every time a mailing list or tracking database leaks; if there isn't a link to a particular account, you might not want to change your usual schedule of changing your passwords from time to time.
Bài viết này có hữu ích với bạn không?
Trích dẫn
Đặt một câu hỏi

Bạn phải đăng nhập vào tài khoản của bạn để trả lời bài viết. Vui lòng bắt đầu một câu hỏi mới, nếu bạn chưa có tài khoản.