Goodcloud data leak?

It means your password is compromised.
Please use a complex password, you can create a complex password on https://passwordsgenerator.net/ or other tools.

Yes, was there compromise of Goodcloud.xyz?

this is very scary and needs more discloure.

looks like apple found some data on the internet about a data leak, looked into that data and found a match with the OP password.

Not sure what app is generating that warning and I know nothing about Apple products but I don’t THINK that it’s saying that Goocloud has been compromised and leaked but saying that your password for Goodcloud is the same as a password that you’ve used on another site that has had a data breach.

Worth checking here. See if there’s a breached site that uses the same password as your Goodcloud account.

Also worth enabling Two Factor Authentication (2FA) for ALL accounts that support it (including Goodcloud) and look at using a password manager (e.g. Laspass) that generates random “secure” passwords but lets you not have to worry about remembering them.

(p.s. Could be wrong ) :stuck_out_tongue: )

1 Like

I found the issue.

Safari on my iPad had stored the login credentials of a GL-I router. Because I was doing some quick testing I had used a very basic password: 192.168.8.1, admin, password
I’m sure there are a thousand people out there with this combination.
Apple found these credentials in a data leak set and in my keychain.

Sorry for the alarm and confusion.

@asdffdsa1122 Not an issue with Goodcloud. If you use a username and password from a site that was compromised, Apple will warn you about it. As @limbot posted, you can do it yourself with the link he posted. In @woolverton case it was a default password (which should have been changed).

In 2021 you should not have the same password on any 2 sites/programs/services. Especially your email. If someone hacks your email, it’s cake to get the other things as people generally have 1 email linked to many accounts.

I personally use Keepass. It does the same as LastPass but it is offline, not stored on any servers and nothing is generated remotely. I can then store the encrypted file anywhere I want, such as Dropbox, usb stick or print out a copy on paper (base64 encoded dump of the encrypted data).

1 Like

sorry, i tend to run paranoid sometimes, and i do not even use goodcloud.xyz :upside_down_face:

keepass is a way of life for many years.
i store it on a bitlocker2go volume on what could be the worlds smallest usb key inside.
since keepass, does not place a lock on the database file, i can unplugged that usb key and plugged it back in on the fly, and not corrupt the database.

using rclone with a crypted remote, every time the database is saved, a trigger will copy the database to the cloud.

also use keepass2android offline.
using rclone on termux, a script will copy that database from the cloud to my android cellphone.

thanks,

1 Like