If you're changing passwords due to CloudBleed, remember, it's not the passwords that matter, it's the auth *tokens*.
Well-designed sites will revoke existing auth tokens on password change, but some won't, and on those, you're screwed.
-
-
Your passwords only get sent to CloudFlare when you log in, but the tokens get sent *on every single request*.
-
That also means that if you have any apps that use services behind CloudFlare, you need to revoke their authorizations and re-authorize them
End of conversation
New conversation -
-
-
don't most sites reset tokens when you log out and in again?
-
Not unless logging out logs you out of all devices/browsers.
End of conversation
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.