To download, I used:Note: the text file doesn’t list passwords or hashes just gmail accounts that were allegedly hacked. Regardless of whether or not your account is on the list, I still think it’s prudent to change your Gmail password. Change your Gmail password. Remember your Gmail password is the key to not only Gmail but also all Google. Username: Afatman@gmail.com Password: Afatman223 Other: Recon expert,Ghoul trooper go skulltrooper and renegade raider, 1 2 3 4 5 6 7 8 9 10 battle pass and 250 skins. The list of top 40 Passwords and volume found: More Analysis, Stay Tuned This experience of searching and finding passwords within this database is as scary as it is shocking.
There appear to be no malicous/unsafe <scripts/> at the moment. No HTML tags.
Just one email per line, and a colon (:) delimiter for the password.
The MD5 hash is:
- E-Mail: ashuy1528@gmail.com Password: ashuyadav - E-Mail: Password: ssthaibhai.
- Manage saved passwords in your Google Account To view the passwords you’ve saved, go to passwords.google.com. There, you’ll find a list of accounts with saved passwords. To see a password, select.
Availability is spotty. The server is refusing connections, probably due to high load.
The IP address resolved to:
I don't think the direct link is out of line. Some users might need guidance on how to safely inspect the file.
In terms of HN community conventions and common behaviors, people will often submit a question like 'Ask HN: Lorem Ipsum...' and then provide follow-up details in the message body, including relevant information, such as the details I've provided above.
This way, if the owner of the resource at the address starts serving up malware, users can verify the content before consuming it.
These are merely community memes though. Not any sort of auspicious, high-minded 'best practices as prescribed by experts' or anything. Just some stuff a bro might do around here.
Also, WHOIS info might be useful, if safety or malware is a concern...
This doesn't preclude the domain owner having been pwnt and used as a patsy. Or even whether that person might have a valid reason for hosting the file?
Apparently millions of Gmail password were leaked today.
According to the International Business Times, over 5 million Gmail usernames and passwords were purportedly leaked this morning. Most of the leaked accounts are active but the leak was mainly endemic to Russian users. Google is currently investigating the veracity of the claims.
The fiasco started when someone by the name of mstrokinposted a link on Reddit to a Bitcoin Security forum (which appears to be offline at the moment) which published a database containing about 4.93 million Google accounts.
In light of the news (even if it’s just a rumor) there are at least four actions you need to take to secure your account:
- Scan the leaked database for your account
- Change your Gmail password
- Check your Google Account activity
- Sign out all other sessions
1. Scan the database for your account
The 100MB text file (36.3 MB compressed) is colossal and therefore takes a while to open. After double-clicking google_5000000.txt it took me 8 solid minutes before Notepad became responsive again.
Once the file loads press Ctrl + f and enter your Google account to see if its in the list.
I’ve noticed a preponderance of “is my account leaked?” websites popping up in light of the news but I question their authenticity. How do I know these sites aren’t collecting my Gmail account for some illicit purpose? This is part of the reason why I suggest downloading the text file and searching for your email address.
Note: the text file doesn’t list passwords or hashes just gmail accounts that were allegedly hacked.
Regardless of whether or not your account is on the list, I still think it’s prudent to change your Gmail password.
2. Change your Gmail password
Remember your Gmail password is the key to not only Gmail but also all Google properties. So if someone stole your Gmail password he or she would have access to your Google Drive and Google+ accounts too.
To change your Google password, go to your Google Security dashboard and click the Change Password link in the left pane.
After entering your old password, create a new strong password. This simple action annuls your old password and keeps the bad guys out.
I would also suggest enabling two-factor authentication. I’ve been using it for months and love the extra peace of mind. Two-factor authentication means even if you gave someone your Google password they still couldn’t access it without your cell phone.
In other words, you need two things for access: your password and something you have such as a cell phone. You should read more about two factor authentication on Google’s website.
3. Check your Google account activity
There is more as a sanity check than anything else but it’s good to know.
Open your Google account activity and pay attention to the activity list in the left pane.
There should be no surprises here.
The account history shows not only the date your account was accessed but also:
Gmail Password List Txt Download
- Whether it was from a PC or mobile phone and
- The approximate location based on the IP address.
4. Sign out superfluous sessions
The last thing you should do is sign out all Google sessions. If you forgot to signout of Gmail from another computer such as a PC in the library, hotel lobby, or airport lounge, you can kill those sessions with a single click.
Go to your Gmail account and in the bottom right corner of the browser click the little link called Details. You might have to scroll all the way down to see it.
Scroll through the list for a few moments to observe your recent activity and then click Sign out all other sessions to kill any extant connections to your Google account.
The Bottom Line
Given the news orbiting the Gmail breach I think the intelligent thing to do is four fold:
Scan the leaked database for your account. Then, even if your account isn’t in the list, you should change your password, look at your Google activity and nuke any open sessions to your account.
I hope this helps you stay safe. Oh and as always, feel free to share your thoughts in the comments below.
Update! 09/12/14
Gmail Txt Password List Windows 10
I’ve just learned that Google responded to the leak with a post on the same day. You should read its official response here: http://googleonlinesecurity.blogspot.com.es/2014/09/cleaning-up-after-password-dumps.html
Gmail Account And Password List