[READ] Recent server breach

[rad]

I am still siding with Evans on many issues - but this was really not fair game. Complete overreaction out of spite - for what?

Hope this is sorted out now. Maybe we should leak a list of "The Circle", eh?

I'll do it for 100 GBP

I can provide the best Greasy Bald People in the world, even 100 of them.

It's not exactly a secret

 

[rad]

I go to party and shit happens on rcrp. 3rd time now... maybe I should stop partying

Last time I was sleeping, this time, I was at my girlfriends father for the day. I always tend to miss these too. Illuminati confirmed.

i read this as;

this time, I was my girlfriends father for the day

 

[Jboi]

The passwords weren't hashed or if they were it was some weak ass hash, because my password was just sent to me by a friend.

Why the fuck wouldn't y'all use a proper hash like MD5 or SHA256 lol

I don't think you understand how hashing works or weak passwords work. If you have a list of all the hashed passwords you can basically guess and check the passwords.

So let's say 'password' hashes to FJ92FJ91L
The hacker doesn't know 'password' but he knows FJ92FJ91L; The hacker also knows the encryption type, but, since cryptographic hash functions are one way, he can't just use that knowledge to reverse it. Instead, he can generate a table with all the possible alphabetical combinations and their hashed output, then search the table for 'FJ92FJ91L' and find 'password' listed next to it.

The way to avoid this type of attack, is have a password that would require a combination that would take too long to fill a list. Using special characters, uppercase, lowercase, and numbers all help secure a password even more because it takes longer to generate a table with all possible password combinations.

This is a nice little website to test password strength: https://howsecureismypassword.net/

 

[AshleyAcidix]

The passwords weren't hashed or if they were it was some weak ass hash, because my password was just sent to me by a friend.

Why the fuck wouldn't y'all use a proper hash like MD5 or SHA256 lol

MD5 is outdated lol.

 

[Sobo]

The passwords weren't hashed or if they were it was some weak ass hash, because my password was just sent to me by a friend.

Why the fuck wouldn't y'all use a proper hash like MD5 or SHA256 lol

MD5 is outdated lol.

Jesus who resurrected you, I was sure you died or something.

 

[LegendKiller]

Evans already ruined the server's economy by selling money to various members of this community, I don't know If he's attacking the server to prove that he was right or ...

 

[Munchies]

u need to get a life evans lmfao, have a girl or smth.

 

[Karner]

SHA is more secure I think, but im sure passwords on RCRP are salted. If they're not then they probably should be.

 

[Smoking]

u need to get a life evans lmfao, have a girl or smth.

 

[Smally]

SHA is more secure I think, but im sure passwords on RCRP are salted. If they're not then they probably should be.

Myself, Tommy and Frost will now sit down to discuss how we can improve the security here at RCRP, we will also be looking to change the salting algorithm so that any old DB dump is rendered useless.

There will be a further announcement on these changes once they have been done. It will also be mandatory for all admins or anyone with ACP access to use 2FA as of the weekend.