Accounts hijacked? Awesome. Revenge?

[destrekor]

Get the nigerian IP, post on slashdot saying you've made your computer completely unhackable by tweaking the registry and firewall and post that IP.

Oh that's awesome.

I so wish I had stored the IP I had seen on my Facebook page. And completely forgot to even look in the Gmail access history.

 

[Modelworks]

Yep. I don't even know my passwords now.
I'll actually be paying the $12/year so I can use LastPass on my Droid, and will use special measures to use my passwords when I get on computers that are not mine. Thinking of caring around one of the LastPass tools on a USB drive that I'll throw on my key chain.

I have been using lastpass for over a year now and love it. I only use the free version but it still has plenty of functionality for me. If you get on computers that are not yours they have that covered too.

Go to the lastpass site and generate a one time password and store it in your wallet for when you want to use it in a unsafe location. The password will only log into the site one time and never again. So you can pull up your passwords from the lastpass site on any pc and once you close that page it is never accessible again with that password.

 

[destrekor]

I have been using lastpass for over a year now and love it. I only use the free version but it still has plenty of functionality for me. If you get on computers that are not yours they have that covered too.

Go to the lastpass site and generate a one time password and store it in your wallet for when you want to use it in a unsafe location. The password will only log into the site one time and never again. So you can pull up your passwords from the lastpass site on any pc and once you close that page it is never accessible again with that password.

What I am thinking of doing is using a flash drive for that purpose.

Also, I printed out the authentication grid. Just knowing I have this crazy grid on me makes it all feel so surreal and like I have access to some crazy super-secret shit, or like my information is necessary to launch a nuke.


But I need to look into all those options a little more in-depth and just decide what seems like a more ideal route. The one-time password system is definitely really awesome.

 

[Matthiasa]

You must have had a really horrible password if they got it by they way you suggested.
Even 10 characters 1 case and numbers gives ~3.7*10^15 possible passwords which assuming any kind of delay becomes a pain to get.
If they used other methods then length becomes kind of unimportant though.

 

[Modelworks]

You must have had a really horrible password if they got it by they way you suggested.
Even 10 characters 1 case and numbers gives ~3.7^15 possible passwords which assuming any kind of delay becomes a pain to get.
If they used other methods then length becomes kind of unimportant though.

I don't know why more sites do not implement a 3 guesses and account it locked policy. Then the legitimate user can email and get it restored.

 

[spidey07]

My gmail got jacked about 30 minutes ago. They tried to send a bunch of spam, but gmail caught all of the messages, as far as I can tell. Does somebody hack google to get the password, or do they brute force it?

Easiest way is to just grab it over a wireless network or hot spot.

 

[IHateMyJob2004]

I don't know why more sites do not implement a 3 guesses and account it locked policy. Then the legitimate user can email and get it restored.

Even a 30 minute lock would be sufficient. That way you can only try about 120 passwords a day. And even if that were to happen, an admin could lock out IPs or something. I pray that places like Ameritrade jsut block nigeria altogether though. Even brute force would take forever if you used common words. passwords with characters and numbers would never get cracked.

 

[Evadman]

There are a lot of folks in this thread who need to learn some stuff. Please look up rainbow tables. They come in very handy when one of your idiot friends sets a password to something that he doesn't remember and then come to you for help. Best password I helped retrieve was 'lovekidnotwife' That one was awesome.

 

[disappoint]

I wish I could tell you my passwords, I'm so proud of them... but that would defeat the purpose

I'll take latin words you can easily remember followed by your birthdate, which you can also easily remember, for 800 Alex.