Did You Order the Code Red?

posted on 2 Comments on Did You Order the Code Red?

“Passwords just aren’t cutting it online. It’s getting worse. We all feel it.” This is what Jeremy from Basecamp’s Security, Infrastructure, and Performance team wrote in a February blog post after dealing with a mass-login attack. Intruders with huge lists of login credentials—obtained in previous data breaches—tried using those passwords to access Basecamp accounts. Hear how Basecamp addressed the immediate incident and was also forced to reflect on longer-term plans for customer security in an increasingly insecure age.

Show comments

2 thoughts on “Did You Order the Code Red?

  1. Hey guys! Have you considered using the “Have I Been Pwned” password API to check users’ passwords and warn them that the password they just used should be changed right away? That might be a good idea.

    https://haveibeenpwned.com/API/v2

    Sorry if you’re way ahead of me on this!

Comments are closed.

the HEY Imbox

Email’s new heyday

Email sucked for years. Not anymore — we fixed it. HEY’s fresh approach transforms email into something you want to use, not something you’re forced to deal with.

Try HEY for free

 a project in Basecamp

Tried Basecamp lately?

Used an earlier version, but moved on? Heard of it, but never signed up? Today’s Basecamp will surprise you! It’s all-new, entirely modern, and unlike anything else.

Try Basecamp free