BitcoinEXpress (OP)
Legendary
Offline
Activity: 1210
Merit: 1024
|
|
June 08, 2014, 05:07:41 PM Last edit: May 29, 2016, 05:34:40 PM by BitcoinEXpress |
|
delete
|
|
|
|
Parazyd
|
|
June 08, 2014, 05:11:04 PM |
|
What accounts got hacked? I haven't heard of any.
|
|
|
|
|
|
tysat
Legendary
Offline
Activity: 966
Merit: 1004
Keep it real
|
|
June 08, 2014, 05:34:07 PM |
|
... It seems to me that people are either using weak PW or reusing PW on other sites. ...
That would be my guess
|
|
|
|
Mikez
|
|
June 08, 2014, 06:10:25 PM |
|
Using the same user/password combination on multiple websites is the primary reason, in my opinion. Phishing would be the number two reason I guess.
|
|
|
|
theymos
Administrator
Legendary
Offline
Activity: 5348
Merit: 13316
|
|
June 08, 2014, 07:08:46 PM |
|
It seems to usually be people with very weak secret questions/answers. Like "What kind of pet do you have?", which has only very few possible answers.
|
1NXYoJ5xU91Jp83XfVMHwwTUyZFK64BoAD
|
|
|
Parazyd
|
|
June 08, 2014, 07:15:55 PM |
|
It seems to usually be people with very weak secret questions/answers. Like "What kind of pet do you have?", which has only very few possible answers.
When doing those questions, I tend to make the answer unrelated to the question.
|
|
|
|
Mikez
|
|
June 08, 2014, 07:17:56 PM |
|
It seems to usually be people with very weak secret questions/answers. Like "What kind of pet do you have?", which has only very few possible answers.
Why not change the questions then?
|
|
|
|
eid
|
|
June 08, 2014, 07:20:55 PM |
|
It seems to usually be people with very weak secret questions/answers. Like "What kind of pet do you have?", which has only very few possible answers.
Why not change the questions then? The question box is blank. It is created by the user.
|
|
|
|
hilariousandco
Global Moderator
Legendary
Offline
Activity: 3948
Merit: 2696
Join the world-leading crypto sportsbook NOW!
|
|
June 08, 2014, 07:39:59 PM |
|
It seems to usually be people with very weak secret questions/answers. Like "What kind of pet do you have?", which has only very few possible answers.
When doing those questions, I tend to make the answer unrelated to the question. But then there's a good chance you'll forget what it was. If you make it something very personal that only you could know then you should be ok... Or just don't use a secret question.
|
|
|
|
Cryptopher
Legendary
Offline
Activity: 1789
Merit: 1008
Keep it dense, yeah?
|
|
June 08, 2014, 07:52:27 PM |
|
It seems to usually be people with very weak secret questions/answers. Like "What kind of pet do you have?", which has only very few possible answers.
When doing those questions, I tend to make the answer unrelated to the question. But then there's a good chance you'll forget what it was. If you make it something very personal that only you could know then you should be ok... Or just don't use a secret question. It's good to have a secret question 'password'. That is something which follows the basics for a good password. It doesn't necessarily have to be something really strong, but something that is out of the ordinary, but password like so you commit it to memory. That's what I do anyway.
|
Sign up to Revolut and do the Crypto Quiz to earn $15/£14 in DOT
|
|
|
Parazyd
|
|
June 08, 2014, 07:56:02 PM |
|
It seems to usually be people with very weak secret questions/answers. Like "What kind of pet do you have?", which has only very few possible answers.
When doing those questions, I tend to make the answer unrelated to the question. But then there's a good chance you'll forget what it was. If you make it something very personal that only you could know then you should be ok... Or just don't use a secret question. It's good to have a secret question 'password'. That is something which follows the basics for a good password. It doesn't necessarily have to be something really strong, but something that is out of the ordinary, but password like so you commit it to memory. That's what I do anyway. Just a good passphrase will do, I see no need for random symbol there. Okay, maybe one
|
|
|
|
Cryptopher
Legendary
Offline
Activity: 1789
Merit: 1008
Keep it dense, yeah?
|
|
June 08, 2014, 08:01:03 PM |
|
It seems to usually be people with very weak secret questions/answers. Like "What kind of pet do you have?", which has only very few possible answers.
When doing those questions, I tend to make the answer unrelated to the question. But then there's a good chance you'll forget what it was. If you make it something very personal that only you could know then you should be ok... Or just don't use a secret question. It's good to have a secret question 'password'. That is something which follows the basics for a good password. It doesn't necessarily have to be something really strong, but something that is out of the ordinary, but password like so you commit it to memory. That's what I do anyway. Just a good passphrase will do, I see no need for random symbol there. Okay, maybe one Yeah, it needs to be memorable that's for sure, else you're screwed - well not always. People who actually answer their secret question with the appropriate answer make me weep.
|
Sign up to Revolut and do the Crypto Quiz to earn $15/£14 in DOT
|
|
|
cryptodevil
Legendary
Offline
Activity: 2240
Merit: 1254
Thread-puller extraordinaire
|
|
June 08, 2014, 08:17:55 PM |
|
Guys I've been trying to let people know all day, including alerting the admins here, Honorcoin is the culprit. They send people to their website to register for 'free' coins and as part of the registration process they ask for the Bitcointalk forum name, a password and an email address. Some people have used the same password there as for their accounts here. Bitcoin_Mafia for one admitted to me after opening a thread to say her account had been compromised, that she had used the same password on the Honorcoin website as here and a number of users in the Honorcoin thread have registered accounts today to say their proper accounts have been compromised, only to be screamed at by the idiots in the Honorcoin thread! Bitcoin_Mafia's thread about it: https://bitcointalk.org/index.php?topic=643807.msg7199245#msg7199245My first post in the Honorcoin thread to warn them: https://bitcointalk.org/index.php?topic=639043.msg7195985#msg7195985If you check Honorcoins website and go through to the section listing the premine registrants forums names you will see Bitcoin_Mafia listed there: http://honorcoin.co/2-free-distribution/I registered my forum name but used a random password and shortly afterwards received a pm here from a zero-post account with an attached file related to something called RPG-Coin to download and 'test for them. It clearly was part of the Honorcoin attempt to compromise everything they could. http://honorcoin.co/2-free-distribution/The useraccount that pm'd me a file https://bitcointalk.org/index.php?action=profile;u=337252
|
WARNING!!! Check your forum URLs carefully and avoid links to phishing sites like 'thebitcointalk' 'bitcointalk.to' and 'BitcointaLLk'
|
|
|
mprep
Global Moderator
Legendary
Offline
Activity: 3794
Merit: 2612
In a world of peaches, don't ask for apple sauce
|
|
June 08, 2014, 08:23:40 PM |
|
It seems to usually be people with very weak secret questions/answers. Like "What kind of pet do you have?", which has only very few possible answers.
Since it appears to be mainly end user error, people should be glad there is a mechanism in the first place to recover accounts. It's almost as if I am seeing people claim it is just to darn difficult to read any one of the 20+ instructional threads on PGP Bitcoin Signatures or too lazy to Google it. ~BCX~ It's actually even easier than that. There are several trustworthy clients that allow you to sign messages easily, like Electrum or Multibit.
|
|
|
|
hilariousandco
Global Moderator
Legendary
Offline
Activity: 3948
Merit: 2696
Join the world-leading crypto sportsbook NOW!
|
|
June 08, 2014, 08:31:36 PM |
|
Guys I've been trying to let people know all day, including alerting the admins here, Honorcoin is the culprit. They send people to their website to register for 'free' coins and as part of the registration process they ask for the Bitcointalk forum name, a password and an email address.
Honorcoin? The irony. I'll never understand why people clamour for all these free yet always worthless crapcoins, especially when this is what you end up getting.
|
|
|
|
mprep
Global Moderator
Legendary
Offline
Activity: 3794
Merit: 2612
In a world of peaches, don't ask for apple sauce
|
|
June 08, 2014, 08:43:55 PM |
|
Guys I've been trying to let people know all day, including alerting the admins here, Honorcoin is the culprit. They send people to their website to register for 'free' coins and as part of the registration process they ask for the Bitcointalk forum name, a password and an email address.
Honorcoin? The irony. I'll never understand why people clamour for all these free yet always worthless crapcoins, especially when this is what you end up getting. People expect free money. But as you can see here, nothing comes free except cheese in a mousetrap.
|
|
|
|
darthburnstuff
|
|
June 08, 2014, 11:34:27 PM |
|
Guys I've been trying to let people know all day, including alerting the admins here, Honorcoin is the culprit. They send people to their website to register for 'free' coins and as part of the registration process they ask for the Bitcointalk forum name, a password and an email address. Some people have used the same password there as for their accounts here. Bitcoin_Mafia for one admitted to me after opening a thread to say her account had been compromised, that she had used the same password on the Honorcoin website as here and a number of users in the Honorcoin thread have registered accounts today to say their proper accounts have been compromised, only to be screamed at by the idiots in the Honorcoin thread! Bitcoin_Mafia's thread about it: https://bitcointalk.org/index.php?topic=643807.msg7199245#msg7199245My first post in the Honorcoin thread to warn them: https://bitcointalk.org/index.php?topic=639043.msg7195985#msg7195985If you check Honorcoins website and go through to the section listing the premine registrants forums names you will see Bitcoin_Mafia listed there: http://honorcoin.co/2-free-distribution/I registered my forum name but used a random password and shortly afterwards received a pm here from a zero-post account with an attached file related to something called RPG-Coin to download and 'test for them. It clearly was part of the Honorcoin attempt to compromise everything they could. http://honorcoin.co/2-free-distribution/The useraccount that pm'd me a file https://bitcointalk.org/index.php?action=profile;u=337252This still doesn't prove anything. I registered at the site also and just to test it out I entered my password that I use here and I didn't get any message to download a game and my account here wasn't compromised. Should really check your system for trojans/malware...
|
|
|
|
devthedev
Legendary
Offline
Activity: 1050
Merit: 1004
|
|
June 08, 2014, 11:41:54 PM |
|
It seems to usually be people with very weak secret questions/answers. Like "What kind of pet do you have?", which has only very few possible answers.
Since it appears to be mainly end user error, people should be glad there is a mechanism in the first place to recover accounts. It's almost as if I am seeing people claim it is just to darn difficult to read any one of the 20+ instructional threads on PGP Bitcoin Signatures or too lazy to Google it. ~BCX~ It's actually even easier than that. There are several trustworthy clients that allow you to sign messages easily, like Electrum or Multibit. Wouldn't it just be smartest to include a PGP signed thread, like mine? https://bitcointalk.org/index.php?topic=340642.0
|
|
|
|
|