Google Advised Me that OpenMR has Divulged My Password

It must be true because Google was able to show me the password I was using on this site…

Strange. Is there a link for checking?

With the site having https and being upto date it should be secure.

If it can be determined how; I can report on Discourse Meta.

1 Like

It has to be a password you registered with Google. You go to Account Management (Google) and Security Checkup. This is where a report says that my OpenMR password was pirated. Maybe it was only my pw that was cracked. I don’t know.

2 Likes

Mine is stored in google as well. I can tell you as an admin I cannot view passwords of others as it is encrypted.

Just checked only showing some really old sites I no longer use. But no real specifics on what the issue is with them regarding passwords.

2 Likes

Mine is stored on Google as well.

If you registered the password with Google is that not how it knows?

Lol just checked and mine said 55 sites ‘Found in data breach’ but this one was not on the list. My gut feeling is it maybe its using general reports of breaches rather than specific accounts/passwords?

I was concerned Dominoes Pizza was the on the list - because if I get locked out of that I will starve :rofl:

3 Likes

Very valid as I have had to check what a password is on some sites when auto sign in or using a different device.

1 Like

It knows your password of course since you registered it but I think that Google notifies you when they can find your password in the wild. Just a guess because I don’t know how it works.

3 Likes

Probably most likely scenario is that your password was involved in a data breach unrelated to OpenMR and its warning you that you’re using this password on OpenMR.

4 Likes

I had a password security breach warning today also.
But I dont know where it came from, I mean what website got hacked and revealed password.

2 Likes

Exactly… :wink: I’ve had this happen too.

3 Likes

Maybe but I was using the same password for 2 other sites and the indication about pw being pirated was only on OpenMR. For the two other sites, it was only saying that the pw was also used somewhere else. I don’t know…

I made my passwords different everywhere now. :slight_smile:

4 Likes

You can check here: https://haveibeenpwned.com/
If you provide your user name you used for some online accounts (typically the email address), it will spit out the logins that were breached (and are now a public knowledge) together with the passwords you used :wink:.

3 Likes