Lessons I'm back; experience of a hacked account

Please register or login

Welcome to ScubaBoard, the world's largest scuba diving community. Registration is not required to read the forums, but we encourage you to join. Joining has its benefits and enables you to participate in the discussions.

Benefits of registering include

  • Ability to post and comment on topics and discussions.
  • A Free photo gallery to share your dive photos with the world.
  • You can make this box go away

Joining is quick and easy. Log in or Register now!

Like most everyone else, it plum eluded you! :D
I've been done learning lots of fun things about this software the last couple days...
 
As a caveat: All staff are SB staff are required to use 2FA now after the update. Personally, I use Google Authenticator on my phone as the second authenticator. It remembers my device for up to 30 days. However, if you purge cookies, you'll have to re-authenticate earlier.
Will it work with an RSA SecureID?

Edit: Answer is yes. Works just fine. It's groovy, far out even.
 
I know multiple people who had their FB account stolen recently due to. It having 2FA activated. They were able to get their accounts back after a month of trying. It’s been in the news.

I didn’t have it activated on my Amazon account. I do now!
 
Wow drrich2
Sorry to hear about your troubles.
Glad I didn't wire you the money for that bargain trip to the Maldives...

Just updated my password and added 2FA.

I suppose a fake digest email that brought up a mock login screen might fool some of us into reauthenticating and giving up credentials if we didn't scrutinize the URL or from email address.
Have to be so careful nowadays as hackers are getting more desperate and ingenious.

Glad you're back ...
 
I suppose a fake digest email that brought up a mock login screen might fool some of us into reauthenticating and giving up credentials if we didn't scrutinize the URL or from email address.
Yes; hadn't thought of that (and I get a lot of e-mail digests!), but it reminds me of phishing schemes which are a big concern. Thankfully most of the digests I get are professional and would be a lot of hassle to compile (plus most places I get them from don't have my credit card info. nor do I do sales through there), but they might get other info.

When I get notices of need to change a password (which I just did before coming back here), I go to the primary site rather than click through a link in the e-mail (just seeing one makes me suspicious).
 
When I get notices of need to change a password (which I just did before coming back here), I go to the primary site rather than click through a link in the e-mail (just seeing one makes me suspicious).
This is so important. Please follow this advice.

In addition, those of you who are still admins on your own PC, are cruisin' for a bruisin'. Create an admin account and demote yourself. If/when you want to install something, just type in that extra password. Think of it as a local 2FA for your PC. Then, a malicious website can't sneak installing stuff without you knowing about it.
 
I've been done learning lots of fun things about this software the last couple days...
I doubt you've even scratched the surface yet. That said, @Miyaru and @Akimbo have earned their xF merit badges!
 
I doubt you've even scratched the surface yet. That said, @Miyaru and @Akimbo have earned their xF merit badges!
Since most of the fun toys are in the back end, I'd say you're correct :)

:rofl3:
 
FYI, the pop up telling me I needed 2-step verification was continually blocking me from entering my email and code, quite a pain to get it set up on Scubaboard
 

Back
Top Bottom