|
Well that's a first. Luckily, nothing has happened yet to my knowledge. But Gmail just told me that 5 days ago (during the weekend, while I was away), a chinese IP logged in on my account.
Extreme panic ensued.
Spent about half an hour figuring out a new password, got pissed off that gmail apparently is prejudiced towards certain characters like ¤%#"!½ and such, then another 15 minutes coming up with a new one.
Then changing every password on every site I could think of. Really surprised that nothing has been hijacked (yet?). Not even my paypal or my Starcraft 2 accounts.
(pauses for 20 minutes to change the password there)
Oh wait, just remembered something weird that happened a while back. And holy shit it adds up.
Some chinese dude logs on to my gmail on april 28th. I get a mail from Blizzard about my WoW account getting banned on april 29th. I don't even HAVE a WoW account, never played the game. So I disregarded it as some scam mail and ignored it without opening it...
Now when I went to change my SC2 password, I see that I apparently HAVE been banned from WoW. Somehow.
So wtf has happened?
|
Wait I'm confused, what did you see when you looked at your SC2 account? They had added a WoW account to your BNet or what?
|
Hmmm,
Do you play Protoss?
|
Someone hacked your account and used the free time you get when first playing WOW to use some kind of cheat, and that got you banned.
Maybe? :p
|
I'd say your account was hacked by gold farmers or something. Blizzard caught on to what was going on and banned your account. You'd have to call up Blizzard and explain the situation and they should fix everything. They have IP logs and stuff so they would know if it was under your internet that the account was logged on
|
Yeah, I've never even used the trial for it yet.
![[image loading]](http://img153.imageshack.us/img153/5605/namnlssw.jpg)
|
Get an Authenticator and call/email Blizzard. I want to see how this ends =]
|
But yeah, thanks. I started theorizing that it was probably some hacker or gold farmer. At least they had the courtesy of keeping my password intact, but I'm changing bloody everything anyway.
Lesson learned: Never use the same password for everything. It's a bitch to change.
EDIT: OH HANG ON!
Read the mail a little more closely.
***Notice of Account Closure***
Account Name: WOW1
Reason for Closure: Terms of Use Violation -- Exploitative Activity: In-Game Chat Policy Violation - Advertisement and Spamming
This account was closed because a character on the account repeatedly abused World of Warcraft's in-game chat system. This abuse includes advertising third party services/websites and repeatedly spamming in-game chat channels. Abuse of this nature pollutes chat channels shared by all players and harms the game environment as a whole.
Spambots. Goddamnit...
|
If you need a good password, there's a bookmarklet you can get called supergenpass. Basically what it does is encodes your password based on the url of the site you go to, so you can use the same password for each account but the password itself will be different for each site you go to. It's pretty useful.
|
On May 04 2011 03:55 Saechiis wrote:
Hmmm,
Do you play Protoss?
Don't know why I found this so funny doh
|
On May 04 2011 04:30 Kadgar34 wrote:If you need a good password, there's a bookmarklet you can get called supergenpass. Basically what it does is encodes your password based on the url of the site you go to, so you can use the same password for each account but the password itself will be different for each site you go to. It's pretty useful.
Ooooo, that looks pretty sexy. Thanks 
Feel like some super sneaky spy with uncrackable encryptions and passwords now.
|
Haha yeah I find it very useful, one problem with it though is it doesn't put any symbols on the passwords it creates, so if you need a symbol you'll either have to add it to the encrypted password or not use it for those sites.
|
On May 04 2011 04:58 Kadgar34 wrote:
Haha yeah I find it very useful, one problem with it though is it doesn't put any symbols on the passwords it creates, so if you need a symbol you'll either have to add it to the encrypted password or not use it for those sites.
Doesn't seem to be much of a problem actually. Gmail doesn't like that anyway, and it's mostly useful against brute forcing. Which will take something like a few thousand years for 10 random small/big letters and numbers, even with the best processor available (8.39299366 × 10^17 different combinations is... alot).
|
On May 04 2011 05:07 Captain Mayhem wrote:Show nested quote +On May 04 2011 04:58 Kadgar34 wrote:
Haha yeah I find it very useful, one problem with it though is it doesn't put any symbols on the passwords it creates, so if you need a symbol you'll either have to add it to the encrypted password or not use it for those sites. Doesn't seem to be much of a problem actually. Gmail doesn't like that anyway, and it's mostly useful against brute forcing. Which will take something like a few thousand years for 10 random small/big letters and numbers, even with the best processor available (8.39299366 × 10^17 different combinations is... alot).
Unfortunately that is not how you attack passwords.
If they are just forcing it (which is rare these days) then they are going to have multiple machines, and they will hit the servers quite hard, so forcing 10 chars (alphanumeric) isn't going to take thousands of years.
Much more common is for people to get hashes of passwords (eg: the gawker leak) and then run either dictionary or rainbow table attacks against them. In both cases, if they know people use that tool, it buys you very little, as they can just build their tables to handle that tool.
Building better passwords is generally the best option, or using a password vault to store randomly generated passwords.
|
Ah, hm. Well, lucky that the password I'm "encrypting" with that program is a random bunch of letters already.
Also, shush. I was trying to sound knowledgeable about password cracking 
|
Ah, Blizzard responded. No hard feelings apparently, all is good and well. Though they can't remove the WoW account that got added, so I've got a permanent stain in my record there :/
Ohwell. No biggie anyway :D
|
Keepass (password vault) is the way to go. I have a copy on my thumbdrive (with periodic backups), and it is super convenient
|
|
|
|
|
|
EPT
