AdGuard, a popular ad blocker for Android, iOS, Windows and Mac, resets all user passwords, it announced today the CTO of Andrey Meshkov.
The company took this decision when it received a brute-force attack in which an attacker tried to connect to user accounts, guessing passwords.
Meshkov said the attacker managed to gain access to certain user accounts by using names and passwords that had leaked after violations in other companies.
AdGuard's CTO said:
We do not know in which accounts they were violated. All passwords stored in the AdGuard database are encrypted, so we can not check if there are any leaks from another database. That's why we decided to reset all users' passwords.
The company says it uses the "Have I Be Pwned" API, so if a password is leaked, the AdGuard system will alert the user who uses it.
Meshkov also announced that AdGuard will use stricter rules for password selection and that they intend to add two-factor authentication sometime in the future.
______________
- Windows 10 updates: stops arbitrary reboots
- Disqus Why we stopped using the service
- The Brave browser now has a private tour through Tor
- Passwords saved on your sleeve? and yet yes!