TECH CRUNCH - Feb 11 - A reader contacted TechCrunch after his account was hacked. He said the hacker broke in and changed his password, locking him out of his account. They changed his email address on file, preventing him from resetting his password. There were several cases of people saying their OkCupid account had been hacked. "There has been no security breach at OkCupid," said Natalie Sawyer, a spokesperson for OkCupid. "All websites constantly experience account takeover attempts. There has been no increase in account takeovers on OkCupid." "If you use the same password on several different sites or services, then your accounts on all of them have the potential to be taken over if one site has a security breach," says OKCupid support page. That's called credential stuffing, a technique of running a vast lists of usernames and passwords against a website to see if a combination lets the hacker in. The easiest, most effective way against credential stuffing is for the user to use a unique password on each site. For companies like OkCupid, the other effective blocker is by allowing users to switch on two-factor authentication. OkCupid is just one of many major dating sites that doesn't use two-factor authentication at all.
by Zack Whittaker
See full article at Tech Crunch
See all posts on OkCupid
Subscribe to OPW + Join IDEA + Hire Courtland Brooks Agency-Consultancy
Comments