Doing everything they can too.
I was at work today when i got a call from someone who said that they were talking to me on facebook, but knew it wasn't me. Lo and behold someone had managed to get in and was talking to certain people looking for details about my runescape / email accounts. They were requesting help from people to answer my "secret questions" and whatnot to gain access to my email, which would hopefully allow them to enter my runescape account. I managed to thwart this and reset many of my passwords and whatnot.
Anyone know anything about this?
That's weird. Go on Facebook -> Account settings -> Security -> Active sessions and you can see where you have logged on
This was earlier today, i changed the password and recovery on facebook.
Hai Mochy <3
run a check for keyloggers on your computer perhaps.
The biggest thing I can tell you is to make sure you use capital letters, numbers, and symbols in your passwords. Doing that would pretty much null and void brute force hackers..
Quote from: Flame Outlaw on January 11, 2012, 02:38:49 AM
The biggest thing I can tell you is to make sure you use capital letters, numbers, and symbols in your passwords. Doing that would pretty much null and void brute force hackers..
Obviously you don't know how brute force hackings work.
Hackers are looking to recover old inactive accounts with large amounts of wealth by using recoveries. They recovered Chessy018's account from information gleaned from Facebook, Youtube, interviews etc. Obviously someone knows your account is worth a lot and you're inactive.
All I can think of would be to change everything that someone may have knowledge of, other than that I wouldn't worry about it too too much
Damn it.
Strange. I'd defiantly be careful.
Whoever it is, is still at it. They messaged my mother asking for details regarding the recovery questions on my email account.
is anyone familiar with a diego santos?
how can we be sure it's rly you moch :wtf:
hi :)
Quote from: Mochacho456 on January 11, 2012, 03:07:58 AM
Quote from: Flame Outlaw on January 11, 2012, 02:38:49 AM
The biggest thing I can tell you is to make sure you use capital letters, numbers, and symbols in your passwords. Doing that would pretty much null and void brute force hackers..
Obviously you don't know how brute force hackings work.
QuoteIn cryptography, a brute-force attack, or exhaustive key search, is a strategy that can, in theory, be used against any encrypted data.[1] Such an attack might be utilized when it is not possible to take advantage of other weaknesses in an encryption system (if any exist) that would make the task easier. It involves systematically checking all possible keys until the correct key is found. In the worst case, this would involve traversing the entire search space.
The key length used in the encryption determines the practical feasibility of performing a brute-force attack, with longer keys exponentially more difficult to crack than shorter ones. Brute-force attacks can be made less effective by obfuscating the data to be encoded, something that makes it more difficult for an attacker to recognise when he/she has cracked the code. One of the measures of the strength of an encryption system is how long it would theoretically take an attacker to mount a successful brute-force attack against it.
Brute-force attacks are an application of brute-force search, the general problem-solving technique of enumerating all candidates and checking each one.
So next time, be a dick to someone else that is trying to help you.
Simple deterrent to this. Make your recovery answers long-ass jumbles of letters and numbers. Write the answers down (Don't save them on your computer) and hide the paper somewhere.
Quote from: Flame Outlaw on January 13, 2012, 03:52:15 PM
Quote from: Mochacho456 on January 11, 2012, 03:07:58 AM
Quote from: Flame Outlaw on January 11, 2012, 02:38:49 AM
The biggest thing I can tell you is to make sure you use capital letters, numbers, and symbols in your passwords. Doing that would pretty much null and void brute force hackers..
Obviously you don't know how brute force hackings work.
QuoteIn cryptography, a brute-force attack, or exhaustive key search, is a strategy that can, in theory, be used against any encrypted data.[1] Such an attack might be utilized when it is not possible to take advantage of other weaknesses in an encryption system (if any exist) that would make the task easier. It involves systematically checking all possible keys until the correct key is found. In the worst case, this would involve traversing the entire search space.
The key length used in the encryption determines the practical feasibility of performing a brute-force attack, with longer keys exponentially more difficult to crack than shorter ones. Brute-force attacks can be made less effective by obfuscating the data to be encoded, something that makes it more difficult for an attacker to recognise when he/she has cracked the code. One of the measures of the strength of an encryption system is how long it would theoretically take an attacker to mount a successful brute-force attack against it.
Brute-force attacks are an application of brute-force search, the general problem-solving technique of enumerating all candidates and checking each one.
So next time, be a dick to someone else that is trying to help you.
All possible combination's, making symbols, numbers and capital letters obsolete. I work in network security. There are 9 terabyte rainbow tables out there.
The best protection against brute force is a long ass password that can't be guessed.
I work for the government maintaining communications, providing network security, and detecting system vulnerabilities. While a long password is great, having them all lowercase letters defeats the purpose. Passwords with all lowercase letters are generally tried first. The best combination is a long password with lower case, upper case, symbols, and numbers.
Don't forget RS passwords aren't case sensitive :3
Quote from: JC on January 20, 2012, 04:56:07 AM
Don't forget RS passwords aren't case sensitive :3
SHUT THE FUCK DOWN
Quote from: Mochacho456 on January 11, 2012, 03:07:58 AM
Quote from: Flame Outlaw on January 11, 2012, 02:38:49 AM
The biggest thing I can tell you is to make sure you use capital letters, numbers, and symbols in your passwords. Doing that would pretty much null and void brute force hackers..
Obviously you don't know how brute force hackings work.
Facebook or hotmail isn't vulnerable to brute force. They have a security code so bots can't mass attempt passwords. Numbers and symbols wouldn't help however if they where.
Brute Forcing is the lowest form of hacking and very little sites allow their users to be vulnerable to it. Chances are you have been Dox'd and somebody has been able to recover to some extent.
Fix your security by making ALL security questions as secure as your password. Use more than one email. The email address you use for facebook should NOT be the same as the email you use for WG forums or Runescape.
Hacker could be somebody on a Facebook account which you have added a while ago. Giving them access to any important information over a period of time.
To hack a facebook you need to have access to the email address or the account would be locked for 24 hours before the attacker would have access to it.