"A data breach on a site or app exposed your password" message

If you're a new user of AppGini, feel free to ask general usage questions, or look for answers here.
Post Reply
User avatar
D Oliveira
AppGini Super Hero
AppGini Super Hero
Posts: 347
Joined: 2018-03-04 09:30
Location: David

"A data breach on a site or app exposed your password" message

Post by D Oliveira » 2020-01-01 19:22

With the new chrome update whenever i log in my appgini applications this message pops up:

Image

Anyone experiencing that? Is there a possible fix?

pbottcher
AppGini Super Hero
AppGini Super Hero
Posts: 1635
Joined: 2018-04-01 10:12

Re: "A data breach on a site or app exposed your password" message

Post by pbottcher » 2020-01-01 20:03

Hi,

change your password. There is not much else you can do.
Any help offered comes with the best of intentions. Use it at your own risk. In any case, please make a backup of your existing environment before applying any changes.

User avatar
D Oliveira
AppGini Super Hero
AppGini Super Hero
Posts: 347
Joined: 2018-03-04 09:30
Location: David

Re: "A data breach on a site or app exposed your password" message

Post by D Oliveira » 2020-01-01 20:37

pböttcher wrote:
2020-01-01 20:03
Hi,

change your password. There is not much else you can do.
Every user that logs in my website gets that message, not just me

User avatar
onoehring
AppGini Super Hero
AppGini Super Hero
Posts: 1156
Joined: 2019-05-21 22:42
Location: Germany
Contact:

Re: "A data breach on a site or app exposed your password" message

Post by onoehring » 2020-01-02 09:44

Hi D Oliveira,

let's stay with you (not your customers for a moment): Think about this: Are using a different password for your different logins? If you answer this with YES, I would find it very strange to get such a warning.
There are password breaches every day, so maybe see this as a "general" warning to actually use strong and different passwords.
You can also check for breached passwords on sites like https://haveibeenpwned.com (similar: Identity breach: https://sec.hpi.de/ilc/search?lang=en )

Can you use a different browser without that warning? Is there a chance to investigate how google checks for breaches?

Olaf

User avatar
a.gneady
Site Admin
Posts: 1281
Joined: 2012-09-27 14:46
Contact:

Re: "A data breach on a site or app exposed your password" message

Post by a.gneady » 2020-01-04 15:16

onoehring wrote:
2020-01-02 09:44
Hi D Oliveira,

let's stay with you (not your customers for a moment): Think about this: Are using a different password for your different logins? If you answer this with YES, I would find it very strange to get such a warning.
There are password breaches every day, so maybe see this as a "general" warning to actually use strong and different passwords.
You can also check for breached passwords on sites like https://haveibeenpwned.com (similar: Identity breach: https://sec.hpi.de/ilc/search?lang=en )

Can you use a different browser without that warning? Is there a chance to investigate how google checks for breaches?

Olaf
Thanks Olaf. I'd like to add a link that explains how Chrome checks for login breaches: https://www.wired.com/story/chrome-79-password-check/
From the above link:
All of these Password Checkup features work for people who have their username and password combos saved in Chrome and have them synced to Google's servers. Google figures that since it has a big (encrypted) database of all your passwords, it might as well compare them against a 4-billion-strong public list of compromised usernames and passwords that have been exposed in innumerable security breaches over the years. Any time Google hits a match, it notifies you that a specific set of credentials is public and unsafe and that you should probably change the password.
So, maybe you're using this same username/password in a site that have been breached before. It's not recommended to use the same password in multiple websites -- even if it's a strong password.
:idea: AppGini plugins to add more power to your apps:
  • DataTalk is an innovative AppGini plugin based on ChatGPT that allows you to interact with your AppGini database using natural language questions, without writing any SQL. Check the demo video
  • Mass Update plugin: Update multiple records at once and improve your workflow efficiency.
  • Check our other plugins and get a generous discount of up to 30% when buying 2 or more plugins.

User avatar
D Oliveira
AppGini Super Hero
AppGini Super Hero
Posts: 347
Joined: 2018-03-04 09:30
Location: David

Re: "A data breach on a site or app exposed your password" message

Post by D Oliveira » 2020-01-07 21:52

a.gneady wrote:
2020-01-04 15:16
onoehring wrote:
2020-01-02 09:44
Hi D Oliveira,

let's stay with you (not your customers for a moment): Think about this: Are using a different password for your different logins? If you answer this with YES, I would find it very strange to get such a warning.
There are password breaches every day, so maybe see this as a "general" warning to actually use strong and different passwords.
You can also check for breached passwords on sites like https://haveibeenpwned.com (similar: Identity breach: https://sec.hpi.de/ilc/search?lang=en )

Can you use a different browser without that warning? Is there a chance to investigate how google checks for breaches?

Olaf
Thanks Olaf. I'd like to add a link that explains how Chrome checks for login breaches: https://www.wired.com/story/chrome-79-password-check/
From the above link:
All of these Password Checkup features work for people who have their username and password combos saved in Chrome and have them synced to Google's servers. Google figures that since it has a big (encrypted) database of all your passwords, it might as well compare them against a 4-billion-strong public list of compromised usernames and passwords that have been exposed in innumerable security breaches over the years. Any time Google hits a match, it notifies you that a specific set of credentials is public and unsafe and that you should probably change the password.
So, maybe you're using this same username/password in a site that have been breached before. It's not recommended to use the same password in multiple websites -- even if it's a strong password.
thank you for the clarifications ahmed and olaf

Post Reply