Potential Security Breach
A community member has brought to our attention that they’d received an email claiming their Foldit account had been hacked. The email listed the person’s username and password. While we do not have any verified evidence internally to substantiate the incident, we would urge you to take a moment to reset your Foldit password and any other account that uses that password. If you have any issues with this, please reach out to us at firstname.lastname@example.org. The community member did note that their password was not very many characters long and therefore could have been “brute forced” (trial and error method of decoding a password). When choosing a new password, we suggest ensuring your password:
- Contains both symbols and numbers
- Contains a variety of capital and lowercase letters
- The longer, the better. If your password is shorter, special symbols, capitalization, and numbers will not help against a brute force attack.
We’d like to express our sincerest apologies for the inconvenience of this. While we do what we can to keep your data safe such as securely storing passwords in a hashed, salted manner, it is still possible that a data breach may occur. We ask should you receive any email like this, that you please, please let us know immediately so that we can address it. You can forward the email directly to us at the address listed above. Please feel free to let us know if you’ve any questions or concerns about this incident.
An example of how complexity relates to how crackable a password is: