AdGuard, a popular ad blocker for Android, iOS, Windows and Mac, resets all user passwords, it announced today the CTO of Andrey Meshkov.
The company made this decision when it came under attack brute-force in which an attacker attempted to log into user accounts by guessing passwords.
Meshkov said the attacker managed to gain access to certain user accounts by using names and passwords that had leaked after violations in other companies.
AdGuard's CTO said:
We don't know which accounts were hacked. All passwords stored in base AdGuard's data is encrypted, so we can't check if there are any leaked from another database. That's why we decided to reset all users' passwords.
The company says it uses the "Have I Be Pwned" API so that if any code is leaked, the system of AdGuard will warn the user who uses it.
Meshkov also announced that AdGuard will use stricter rules for password selection and that they intend to add two-factor authentication sometime in the future.
______________
- Windows 10 updates: stops arbitrary reboots
- Disqus Why we stopped using the service
- The Brave browser now has a private tour through Tor
- Passwords saved on your sleeve? and yet yes!