Lessons I'm back; experience of a hacked account

The Chairman · Sep 29, 2021

letterboy:

Like most everyone else, it plum eluded you!

letterboy · Sep 29, 2021

The Chairman:
Like most everyone else, it plum eluded you!

I've been done learning lots of fun things about this software the last couple days...

kelemvor · Sep 29, 2021

The Chairman:
As a caveat: All staff are SB staff are required to use 2FA now after the update. Personally, I use Google Authenticator on my phone as the second authenticator. It remembers my device for up to 30 days. However, if you purge cookies, you'll have to re-authenticate earlier.

Will it work with an RSA SecureID?

Edit: Answer is yes. Works just fine. It's groovy, far out even.

Marie13 · Sep 29, 2021

I know multiple people who had their FB account stolen recently due to. It having 2FA activated. They were able to get their accounts back after a month of trying. It’s been in the news.

I didn’t have it activated on my Amazon account. I do now!

Jaan · Sep 29, 2021

Wow drrich2
Sorry to hear about your troubles.
Glad I didn't wire you the money for that bargain trip to the Maldives...

Just updated my password and added 2FA.

I suppose a fake digest email that brought up a mock login screen might fool some of us into reauthenticating and giving up credentials if we didn't scrutinize the URL or from email address.
Have to be so careful nowadays as hackers are getting more desperate and ingenious.

Glad you're back ...

drrich2 · Sep 29, 2021

Jaan Leemet:
I suppose a fake digest email that brought up a mock login screen might fool some of us into reauthenticating and giving up credentials if we didn't scrutinize the URL or from email address.

Yes; hadn't thought of that (and I get a lot of e-mail digests!), but it reminds me of phishing schemes which are a big concern. Thankfully most of the digests I get are professional and would be a lot of hassle to compile (plus most places I get them from don't have my credit card info. nor do I do sales through there), but they might get other info.

When I get notices of need to change a password (which I just did before coming back here), I go to the primary site rather than click through a link in the e-mail (just seeing one makes me suspicious).

The Chairman · Sep 29, 2021

drrich2:
When I get notices of need to change a password (which I just did before coming back here), I go to the primary site rather than click through a link in the e-mail (just seeing one makes me suspicious).

This is so important. Please follow this advice.

In addition, those of you who are still admins on your own PC, are cruisin' for a bruisin'. Create an admin account and demote yourself. If/when you want to install something, just type in that extra password. Think of it as a local 2FA for your PC. Then, a malicious website can't sneak installing stuff without you knowing about it.

The Chairman · Sep 29, 2021

letterboy:
I've been done learning lots of fun things about this software the last couple days...

I doubt you've even scratched the surface yet. That said, @Miyaru and @Akimbo have earned their xF merit badges!

letterboy · Sep 29, 2021

The Chairman:
I doubt you've even scratched the surface yet. That said, @Miyaru and @Akimbo have earned their xF merit badges!

Since most of the fun toys are in the back end, I'd say you're correct

Bubblesong · Sep 30, 2021

FYI, the pop up telling me I needed 2-step verification was continually blocking me from entering my email and code, quite a pain to get it set up on Scubaboard

Lessons I'm back; experience of a hacked account

Please register or login

The Chairman

Chairman of the Board

letterboy

I'm the reasonable one

kelemvor

Big Fleshy Monster

Marie13

Great Lakes Mermaid

Jaan

Ask me about DRYFOB

drrich2

Contributor

The Chairman

Chairman of the Board

The Chairman

Chairman of the Board

letterboy

I'm the reasonable one

Bubblesong

Contributor

Similar threads