Lariva Business

Lariva Blog

Menu
  • Privacy Policy
  • Tech Sharing
  • animate sharing
  • Science Sharing
  • Happening
Menu

Thingiverse data disclosure – check your password

Posted on October 15, 2021October 15, 2021 by William

Every week there seems to be another set of eye-catching data leaks, and this time, it’s the service that many people in our community pay attention to. A database backup of thingiverse, a popular 3D model sharing website, has been leaked online, including 228000 e-mail addresses, full names, addresses and passwords, which are stored as non salt SHA-1 or bcrypt hashes. If you have an account on thingiverse, it may be worth searching your email address just to make sure you should also change your password on the website. Our informal tests show that not all accounts are included in the leak, which seems to be related to the comments left on the website.

In addition to the severity of the leak itself, the choice of encryption should attract some attention. SHA-1 and bcrypt may be regarded as damaged or most vulnerable in 2021, so that any website avoids migrating to a more powerful algorithm, indicating that thingiverse pays very little attention to website security. We think this is a useful warning for other website operators in our field to check and upgrade their encryption, but we doubt that readers will agree that this will not be the last time we report such vulnerabilities and nervously check our own login details.

Recent Posts

  • Seagan resigned after his arrest and was cautiously optimistic about biotechnology, etc
  • Receiving antenna switcher with espressif brain
  • Skeleton Knight in another world episode 8 release date: who is the young woman?
  • The technology company CEO lost his backpack, laptop, passport, etc., but found an opportunity to tell a story on twitter
  • Making music with sound generation board
©2022 Lariva Business | Design: Newspaperly WordPress Theme