Potential User Data Breach

wow
"
Sexcalibure wrote:
So will 3.0 be delayed?


I hope not. The team have been able to mostly work through this uninterrupted. There are some parts of our build infrastructure that are still down, but that doesn't stop people creating content.

"
Nephalim wrote:
Should we change your passwords now just to be safe even if it was strong?


It's always good to change your passwords often, so definitely.
Lead Developer. Follow us on: Twitter | YouTube | Facebook | Contact Support if you need help!
It was blizzard trying to sabotage 3.0.0, to try save the little dignity D3 still has.
Thanks for the quick notice.
As long as credit cards info is safe...
Last edited by Gosen on Mar 28, 2017, 4:41:21 PM
"
Chris wrote:
"
Sexcalibure wrote:
So will 3.0 be delayed?


I hope not. The team have been able to mostly work through this uninterrupted. There are some parts of our build infrastructure that are still down, but that doesn't stop people creating content.

"
Nephalim wrote:
Should we change your passwords now just to be safe even if it was strong?


It's always good to change your passwords often, so definitely.


So does this mean they also had steam password access if your game is connected to steam? PW wise.
Dys an sohm
Rohs an kyn
Sahl djahs afah
Mah morn narr
"
whitelytning wrote:
Thanks for letting us know quickly.

Can someone explain what "salted and hashed" means to non-computer people. Sounds like a delicious breakfast option to me.

If a password is saved hashed, and my password would be "123456" for example, it could show in the database as "7c4a8d09ca3762af61e59520943dc26494f8941b". This can't be easily reverted. Problem with just hashing is that if you and I both have the password "123456", we both have that long text as our password in the database, so if someone cracks your password, they'd also have cracked mine. If they also salt they add something unique to your account to your password before they save it(let's say: your username for the sake of simpilicity), so your "real" password is "123456whitelytning", which means even hashed it looks different from mine, so if someone cracks your password, even if I use the same one, they can't see I use the same one.

Hope I explained it well enough, someone else might be able to do it better :P.
"
whitelytning wrote:


Can someone explain what "salted and hashed" means to non-computer people. Sounds like a delicious breakfast option to me.
When you sign in using your password, it gets salted, which means some extra text is added to it. Then it gets hashed, which means running it through some math and coming up with a new code, that's stored on the server. A hash can be created from multiple different possible passwords, and cannot be reversed to reveal your password unless massive amounts of computing power are used.
"
So does this mean they also had steam password access if your game is connected to steam? PW wise.


They couldn't get your Steam password. We don't know those on our end.
Lead Developer. Follow us on: Twitter | YouTube | Facebook | Contact Support if you need help!
What about people with linked steam accounts?

Edit: Never mind read other comments.
Last edited by Drewster_X on Mar 28, 2017, 4:44:51 PM

Report Forum Post

Report Account:

Report Type

Additional Info