{FIXED} Hacked Account / Better Passwords.

Booker The Geek

Well-Known Member
Feb 26, 2013
1,664
222
78
Pacific North West, USA
Yes, believe it or not, I am a victim of account hacking. :(

Not here on FTB, but my minecraft account. Amazingly enough it is not because I handed out my minecraft password either. My email account was hacked. From there they got into my Minecraft account, and somehow or another I no longer can access minecraft online. (Yeah, I know there are was around it, But I will not be going that route.)

So let this be a hard knocks to you all, Not only do you need to guard your Minecraft information, Also please protect your email account info that is registered with.

Because of this...
  1. I no longer have access to my email account. They got it outright. I need better passwords.
  2. They changed my Minecraft account password. :(
    • fyi... It was a gift code, not credit card, so I'm screwed.
  3. Along with all my other online accounts.
    1. Steam (Got it back)
    2. Facebook (Got it back)
    3. Curse.com (Lost as of now)
    4. Gog.com (Got it back)
Please learn from my mistake and use good passwords.

So until I can get a new minecraft account, I will not be able to test anything in the support area, BUT I will still be providing support for as long as I can. (Such as a bug in updated mod pack or something.)


- Sad sad little man who can't play minecraft... :(

{EDIT} Three weeks till new account

{EDIT} I should have a new account in a couple of days!!!
 

lavarthan

New Member
Jul 29, 2019
2,437
0
0
I'm sorry to hear about your loss Booker. Who did you e-mail with? You might want to look into two-factor authentication. Google, gmail, can send a text message to your phone and you must enter that number to get into your account. Of course the only problem is if you loose your phone or use a pre-pay phone.
 

Everlast

New Member
Jul 29, 2019
110
0
0
Email accounts are a great point of entry, seeing as it's usually trivial to use password recovery and gain access to other accounts. Most people are kind enough to keep their registration confirmation emails in their inbox as well, clearly advertising all the additional websites they would like to lose access to.
  1. Use an easy to remember but non-trivial password. This comic comes to mind: http://xkcd.com/936/
  2. Use a different password for each service.
  3. Do not share your password with anyone and be wary of logging in at workstations you don't have control over (schools, libraries,...).
  4. Always use the HTTPS protocol when on wireless. Sniffing network packets is a piece of cake and you wouldn't want to be publicly advertising your password in plaintext.
That being said, you could use a password manager to help you generate unique passwords and keep them safely stored, locked and encrypted via a single strong password that you remember. Most have integrated auto-fill features to simplify logging in to websites so there is no impact on productivity but a definitive security improvement.

As far as your particular situation is concerned, switch out all your passwords and let this be a lesson for the future.

Edit: This is grasping at straws, but most popular web services include some form of recent session logging. You could check out what IP your account was accessed from. That might narrow down the list of suspects.
 
  • Like
Reactions: Zjarek_S and CoderJ

Booker The Geek

Well-Known Member
Feb 26, 2013
1,664
222
78
Pacific North West, USA
Make a completely random password you don't even know and just use the "remember me" option. :p
Would work great until I reformat my computer... lol

I'm NOW using a number, converted into biniary, then into hex, added into a hash of the original number.... Should be good now.

~ snip ~.
Yeah, it was a trivial password, and my email was/is super organised with every site in it's own folder. I'm a pack rat with emails.

Yeah, I should have known better as I run a computer company. :)

I will check out the IP logging.
 

Eyamaz

New Member
Jul 29, 2019
2,373
0
0
I've been locked out of so many different accounts because I can never remember which password is for which account.

Of course the reason for that is a similar situation, and most don't learn till it happens to them.
 

wolfpax181

New Member
Jul 29, 2019
65
0
0
Once they have your e-mail, it's like they have the keys to your internet account. My wife's e-mail was hacked, and we had a bunch of e-mails from random sites informing us that the e-mail wasn't in use. Once they got in, we figure they just ran password recovery at a list of common sites to gain access to every one they could. The scary part is we found out about the initial problem when our bank contacted us after they failed the security questions while trying to access our account via an IP that wasn't recognized by their system as our current okay to use.
 

Nerixel

New Member
Jul 29, 2019
1,239
0
0
Damn man, that sucks. I personally use several randomly generated passwords, one for emails/social media, one for gaming and one for secure banking stuff.
 

LightKnight

New Member
Jul 29, 2019
184
0
0
The thing that you should have a different passwords everywhere ( or atleast on the important things) they can be similar but different.
 

Booker The Geek

Well-Known Member
Feb 26, 2013
1,664
222
78
Pacific North West, USA
The thing that you should have a different passwords everywhere ( or atleast on the important things) they can be similar but different.
Damn man, that sucks. I personally use several randomly generated passwords, one for emails/social media, one for gaming and one for secure banking stuff.
I Do/did.... They got my email, and reset them all from there...

Good thing I use different email account for gaming / banking / business...

I think they were trying to get into my Business account, and just got into the wrong one... Already changed every other password.
 

Nerixel

New Member
Jul 29, 2019
1,239
0
0
Well, that's something, at least. They didn't get your money stuff.
Still sucks though. Didn't you list recovery questions or a recovery email, or a recovery phone for the email?
 

Booker The Geek

Well-Known Member
Feb 26, 2013
1,664
222
78
Pacific North West, USA
No I didn't. :( sad face.

Better update though.... Friend of mine (Fixed her computer last week for free, she needed it for school) came in today. We were talking, and she said she will get one for me as a thank you for not charging her. :D Happy Face! (Karma, sometimes it kicks you in the arse, some times it blows you away!)
 

CoderJ

New Member
Jul 29, 2019
135
0
0
I can't agree more with the method if I tried (and it's been mentioned) -> http://xkcd.com/936/

Personally I throw a number in there or two that's pretty common in my life (never a birth/wedding/death date or something... something arbitrary that only has meaning to me). If you need a MC account let me know, I might have a spare gift code floating around.
 

Booker The Geek

Well-Known Member
Feb 26, 2013
1,664
222
78
Pacific North West, USA
I can't agree more with the method if I tried (and it's been mentioned) -> http://xkcd.com/936/

Personally I throw a number in there or two that's pretty common in my life (never a birth/wedding/death date or something... something arbitrary that only has meaning to me). If you need a MC account let me know, I might have a spare gift code floating around.
That would be.... amazing.