My TradingView Account Got Hacked!

Overnight said:
Using that format, that comes out to a total of 7,244,150,201,408,990,671,659,859,968 combinations.

That's 7.2 octillion possibilities. There is no brute-forcing a password like that, especially when the app/website/whatever will lock you out after 3-5 incorrect attempts. It is unpossible.

It's fine.
More...
So it appears. According to this chart, it would take approximately 19960419 billion years. Go figure.

Time-to-Crack-bcrypt-hashed-passwords-1024x916.jpg


The above table shows time to crack via brute-forcing given hashes with modern hardware with the following assumptions. This was the exact same set-up we used for the MD5 cracking research – it’s achievable for most bad actors looking to crack an organization’s passwords, although for optimal results you’d ideally want more power than we’re using here:
  • Hardware: the Nvidia RTX 4090. Currently the best value-for-money generally available hardware to perform password cracking attacks with. This is a flagship gaming GPU which can be purchased by consumers, and is largely affordable with an MSRP of around $1599 USD. In order to generate this data, we’re using a hypothetical Nvidia RTX 4090.
  • Software: Hashcat. Generally, a stock RTX 4090 will achieve approximately 164 GH/s in Hashcat (that can be thought of as 164 000 000 000 password guesses/second).
The above hardware assumptions may sound expensive; however, with ransomware payments in the millions, the cost can seem minimal. Even still, some attackers may find faster and cheaper results with cloud services.
 
schizo said:
So it appears. According to this chart, it would take approximately 19960419 billion years. Go figure.

Time-to-Crack-bcrypt-hashed-passwords-1024x916.jpg


The above table shows time to crack via brute-forcing given hashes with modern hardware with the following assumptions. This was the exact same set-up we used for the MD5 cracking research – it’s achievable for most bad actors looking to crack an organization’s passwords, although for optimal results you’d ideally want more power than we’re using here:
  • Hardware: the Nvidia RTX 4090. Currently the best value-for-money generally available hardware to perform password cracking attacks with. This is a flagship gaming GPU which can be purchased by consumers, and is largely affordable with an MSRP of around $1599 USD. In order to generate this data, we’re using a hypothetical Nvidia RTX 4090.
  • Software: Hashcat. Generally, a stock RTX 4090 will achieve approximately 164 GH/s in Hashcat (that can be thought of as 164 000 000 000 password guesses/second).
The above hardware assumptions may sound expensive; however, with ransomware payments in the millions, the cost can seem minimal. Even still, some attackers may find faster and cheaper results with cloud services.
More...

With the current computer power. With super quantum computer in the future?...
 
schizo said:
View attachment 341308View attachment 341307

Periodically, I get these security updates from Google stating my passwords have been compromised. But most of them are dummy accounts, so I've never paid too much attention. But tonight, for the first time, I found my TradingView account in that list. This is the account that I use everyday. WTF?!

Can this be for real? TradingView is literally used by countless traders and their platform is licensed to every broker imaginable. So how is this even possible? Luckily, I haven't found anything fishy with my account, and I've since changed the password, but I'm not sure I should continue using it.
More...
%%
BEST + safest to change pass words or add something to it;
but i get those messages from YHOO email all the time + not changing.
But an emails nowhere near a brokerage in risk:caution::caution:.
SCHW has quite a few safey features . Most a are good idea ......
 
schizo said:
That's my problem as well. Sometimes, I don't even remember where I placed my phone. How the heck am I supposed to retrieve the damn code? :)
More...
%%
LOL easy to lose a phone;
but hard to lose a phone book or 2:D:D
I have temp misplaced a 3rd phone book still have 2 :caution::caution:LOL
I would never trust any password to memory, even if i rememeber it.
 
murray t turtle said:
BEST + safest to change pass words or add something to it;
but i get those messages from YHOO email all the time + not changing.
But an emails nowhere near a brokerage in risk:caution::caution:.
More...
TradingView has 2 passes. One for their own platform and the other for linking to your broker. I ain't too concerned about the first one. It's the second one that showed up on Google's trove of leaked passwords. Anyway, I toughened it up so even if it gets leaked I feel safe knowing that it will take some 15 million years to crack it. That's right, go ahead ya punk, just make my day! :sneaky:

upload_2024-6-3_13-29-26.jpeg
 
You must log in or register to reply here.
Back
Top