Author Topic: Thingiverse hacked. Change your passwords!  (Read 4797 times)

0 Members and 1 Guest are viewing this topic.

Offline MicrodoserTopic starter

  • Frequent Contributor
  • **
  • Posts: 423
  • Country: gb
Thingiverse hacked. Change your passwords!
« on: October 15, 2021, 11:51:28 am »
Thingiverse has been hacked. If you use the same password anywhere else, change all of them. At the minimum, change your thingiverse password.

 
The following users thanked this post: thm_w, Just_another_Dave

Online xrunner

  • Super Contributor
  • ***
  • Posts: 7806
  • Country: us
  • hp>Agilent>Keysight>???
Re: Thingiverse hacked. Change your passwords!
« Reply #1 on: October 15, 2021, 12:13:53 pm »
Thanks. Yea no notice on the page about this. I've written them about other issues in the past never got any response. The customizer doesn't work. Time to start looking elsewhere.
I told my friends I could teach them to be funny, but they all just laughed at me.
 

Online brucehoult

  • Super Contributor
  • ***
  • Posts: 4619
  • Country: nz
Re: Thingiverse hacked. Change your passwords!
« Reply #2 on: October 15, 2021, 12:19:33 pm »
It was a year ago. I used one of my lowest security passwords there -- one I specifically use for sites that I figure probably won't have great security. What is someone going to do? Upload their own designs under my name? Delete mine? (I still have originals) Make nasty comments using my name. Whatever. They can't do anything financially.
 

Offline thm_w

  • Super Contributor
  • ***
  • Posts: 7339
  • Country: ca
  • Non-expert
Re: Thingiverse hacked. Change your passwords!
« Reply #3 on: October 15, 2021, 09:45:53 pm »
It was a year ago. I used one of my lowest security passwords there -- one I specifically use for sites that I figure probably won't have great security. What is someone going to do? Upload their own designs under my name? Delete mine? (I still have originals) Make nasty comments using my name. Whatever. They can't do anything financially.

All I can think is they'd steal high value accounts then use them to post malicious files or links.
Why not use lastpass or similar, easier to autofill a secure password than remembering an insecure one.
Profile -> Modify profile -> Look and Layout ->  Don't show users' signatures
 
The following users thanked this post: Jacon, andy3055

Offline I wanted a rude username

  • Frequent Contributor
  • **
  • Posts: 650
  • Country: au
  • ... but this username is also acceptable.
Re: Thingiverse hacked. Change your passwords!
« Reply #4 on: October 15, 2021, 10:30:00 pm »
What is someone going to do? Upload their own designs under my name?

The greatest risk is to people who reuse the same username and password on other sites. The most convenient solution is to use a password manager ... then you only need to remember one password, but your password on each site is unique.
 

Offline Zucca

  • Supporter
  • ****
  • Posts: 4607
  • Country: it
  • EE meid in Itali
Re: Thingiverse hacked. Change your passwords!
« Reply #5 on: October 15, 2021, 11:39:53 pm »
TU was by far the most no sense website I encountered.
The only good thing is a lot of people are shitting in it....

Yes time to find something else.... any suggestions?
Can't know what you don't love. St. Augustine
Can't love what you don't know. Zucca
 

Online brucehoult

  • Super Contributor
  • ***
  • Posts: 4619
  • Country: nz
Re: Thingiverse hacked. Change your passwords!
« Reply #6 on: October 16, 2021, 12:49:00 am »
What is someone going to do? Upload their own designs under my name?

The greatest risk is to people who reuse the same username and password on other sites. The most convenient solution is to use a password manager ... then you only need to remember one password, but your password on each site is unique.

My email and banking sites use different and very secure passwords. Sites where expensive things can be bought and sent to custom addresses (amazon, mouser etc) get the next level: different but based on a pattern. Thingiverse, eevblog, and local pizza shops don't have enough downside to be worth worrying about -- they sure as heck don't use the same passwords as important sites and that's the main thing.
 


Share me

Digg  Facebook  SlashDot  Delicious  Technorati  Twitter  Google  Yahoo
Smf