supersaver

Author Topic: Attempted Password Changes  (Read 7118 times)

Offline Hugo

Attempted Password Changes
«: March 31, 2008, 12:45:01 PM»
If you have an attempt made on your alts, do not click the confirmation link in the e-mail you receive. If anything, simply change your password or make it more difficult for a 'hacker' to guess.

Quote from: Sadil
Changed password attempts may also be from people who let their alt expire and simply try to see if their email/alt is still theirs.

Post the name of the alt in question, the date you received an unauthorized e-mail requesting a password change, and any notes you may want to add concerning it.

Thanks!

--

Reassurance from Cironir:

Quote from: Cironir
The Furcadia server keeps track of failed login attempts. Each failed login attempt is logged and viewable by staff. Also, if a certain number of failed attempts is exceeded, the server automatically sends a notification to staff and blocks the address. So, password crackers are generally a bad idea.

--

Some helpful password protection tips:

* Don't use words from the English language.

* The ONLY way to make a secure password is to use a combination of letters and numbers, preferrably WITHOUT whole words. (This is the safest method of creating a password even if it is harder to remember)

Bad: yahoo44, hello123, iloveyou (very common)
Good: dghf45hskf, mmr349df5, ben238kdj85

* If you think that a jumbled password will be too hard for you to try and remember, try and make it related to something you will remember and write down a hint somewhere (on paper, not the computer) you will always be able to find it.

ie:
- Last three letters of your middle name
- Year you were born in
- First three letters of your brothers middle name

Result: ole87jos (Results may vary)

* Use symbols and/or capital letters

* Never use the same password for all your alts

--

For more information, reference the following links:
"How to Keep Your Characters Secure"

--
I'll start:

Date: 3/29/08
Alt: George Bush
Color Code: t0-+4.;;:;;%%#
Notes: Two(2) attempts made to change password within an hour.
« Last Edit: April 26, 2009, 12:32:39 PM by Kiwi »

_________________


Offline Jax

Attempted Password Changes
«Reply #1: April 19, 2008, 07:21:02 PM»
Hey. :D This actually happened to me today, so, here ya go xD ::

Date: 4/19/2008
Alt: Vocal
Notes: It was a 'lost password' type of e-mail, from [email protected] If it's in any way helpful, I can also send whoever might need it, the tracking number and/or the password the person attempted to change it to?

Offline Mychelle

Attempted Password Changes
«Reply #2: April 19, 2008, 07:41:51 PM»
Username: Panda
    Registered email address: ------------
    New password: 240888
    Tracking number: -----
    Confirmation code: ------------

Been awhile since I got one for this alt.
Im letting my alts rot. So dont ask.

Offline Skull

Attempted Password Changes
«Reply #3: April 19, 2008, 07:52:23 PM»
I get one for Kiba about every month.

Offline Tillandsia

Attempted Password Changes
«Reply #4: April 19, 2008, 09:47:42 PM»
I wouldn't be posting the email address to where the alt is registered, people could try to crack the email password to get access to it.

Offline Mychelle

Attempted Password Changes
«Reply #5: April 19, 2008, 10:06:57 PM»
Quote from: "Effira"
I wouldn't be posting the email address to where the alt is registered, people could try to crack the email password to get access to it.


Already had that happen once. My alts were just fine. -shrugs-
Im letting my alts rot. So dont ask.

Offline MAU

Attempted Password Changes
«Reply #6: April 19, 2008, 10:44:22 PM»
in the instance that they weren't all 'just fine' i'd also suggest not posting the emails, just to play it safe.

i think you got really lucky there, mychelle. :P

Offline Mychelle

Attempted Password Changes
«Reply #7: April 19, 2008, 10:46:31 PM»
Quote from: "Mauser"
in the instance that they weren't all 'just fine' i'd also suggest not posting the emails, just to play it safe.

i think you got really lucky there, mychelle. :P


Okay okay I'll edit it. >.> heh.

Though I think leaving the PW they attempted to try to change it to up would be a good idea. Since in the past I have had multiple PW change requests with someone using the exact same PW each time.

And I dunno if I should call myself "too" lucky. I really didnt loose anything. But they did change my Passwords on my AIM, Email/MSN, Ebay, Deviant Art, and Paypal. Yet strangely once I got into each of these nothing had been changed/bought/stolen/ect. It was really weird. o.O
Im letting my alts rot. So dont ask.

Offline MAU

Attempted Password Changes
«Reply #8: April 19, 2008, 11:01:17 PM»
i think that is a good idea; perhaps that way others can differentiate instances of people trying to get into alts multiple times using the same password each round.

and that is... really strange. i'd hate to have anything like that happen to me, especially if my alts are involved, so i have all of them registered to a different email rather than my main one, just to be safe. this email i don't give out to anyone.

you'd think they would have gone after either your paypal or your alt collection-- or both.

Digital Love

Attempted Password Changes
«Reply #9: April 20, 2008, 08:08:53 AM»
Hugo, maybe it would be a good idea to put a note in your first post that changed password attempts may also be from people who let their alt expire and simply try to see if their email/alt is still theirs. :) It might freak some people out when they get a (one) password change request and think they are being hacked, when it might be nothing.

People might mistake the true purpose of this thread due to that.

Offline Kamose

Re: Attempted Password Changes
«Reply #10: April 20, 2008, 10:16:25 AM»
Quote from: "Hugo"
* If you think that a jumbled password will be too hard for you to try and remember, try and make it related to something you will remember and write down a hint somewhere (on paper, not the computer) you will always be able to find it.

ie:
- Last three letters of your middle name
- Year you were born in
- First three letters of your brothers middle name


Truly random combinations of letters and numbers, like zw2h6Fc8, make the best passwords. Don't use letters and numbers that are significant to you, such as initials, birthdays, etc. People who know you may guess these things.

In Furcadia, having a complex password is not too burdensome unless your settings require you to type the password every time you log in. (In that case, you may want to make a physical note of your password, not stored in your computer, for safekeeping.) For more password safety tips, see my post "How to Keep Your Characters Secure."

Offline Gallifreyan

Attempted Password Changes
«Reply #11: April 20, 2008, 04:36:08 PM»
lol, someone tried it with Pathology today, idiots.

Offline anathema

Attempted Password Changes
«Reply #12: April 21, 2008, 06:57:21 AM»
Username: Tatu
    Registered email address: lol no
    New password: 88990076


now this is def. not a legit wondering if it expired, i know that, because before me, casper had tatu for at least 1 or 2 years. someone's going around and trying to get names like this. ;L

Offline Ook

Attempted Password Changes
«Reply #13: May 27, 2008, 09:16:15 AM»
Username: Enzo
Password: cookie

Offline Light

Attempted Password Changes
«Reply #14: May 27, 2008, 01:04:55 PM»
Name: Keyblade
Password: llama

...  :?

This was a long ass time ago.
Contacts: Light, Guzma
Alts change frequently, so your best bet to contact me would be to private message me.

Alts for sale here.
Icon from here!

Offline MAU

Attempted Password Changes
«Reply #15: May 27, 2008, 01:18:37 PM»
name: ---
password: alt12345

i'm posting this mainly as a personal reference in case it happens again. i prefer to keep my alts anonymous.

Offline Tony

Attempted Password Changes
«Reply #16: May 28, 2008, 05:43:29 PM»
name: fearow
pass: cawcaw

god. gtfo. >:/

Offline Gengar

Attempted Password Changes
«Reply #17: May 28, 2008, 07:10:30 PM»
I think someone should sticky this. It's a very good idea. Good job Hugo. :>
SELLING FORMER NFT/DNBS
BUNCH OF LIFERS FOR SALE
CONTACT:
Discord Group / DM, Tumblr @ dvoyd, PM

Lilium

Attempted Password Changes
«Reply #18: May 29, 2008, 05:02:34 AM»
Username: Susanne
    Registered email address: removed
    New password: password

Is this part of the confirmation bug thingy that's going around..? I got an email for that but I was told not to confirm anything ^^;

Offline Cironir

Attempted Password Changes
«Reply #19: May 29, 2008, 05:48:26 AM»
If you got an email confirmation request without having changed your address, just ignore it. It's a bug that struck last night and that affected some 200,000 characters. There is no need to confirm the address again, according to Sanctimonious.

Lilium

Attempted Password Changes
«Reply #20: May 29, 2008, 06:06:52 AM»
Okay... so password changes aren't part of that? That means someone tried to change my password

Offline Cironir

Attempted Password Changes
«Reply #21: May 29, 2008, 06:30:01 AM»
Probably, yes. Might be someone who had the alt before, or who thought it was their alt, etc. If it happens frequently, we can look up who it is.

Offline Cironir

Attempted Password Changes
«Reply #22: May 29, 2008, 07:06:54 AM»
I'll see if we can add an IP address to those password request emails. If they are legit, the requester knows their own IP address anyway. Perhaps that will discourage the "not so innocent" attempts.

Digital Love

Attempted Password Changes
«Reply #23: May 29, 2008, 07:13:50 AM»
Quote from: "Cironir"
I'll see if we can add an IP address to those password request emails. If they are legit, the requester knows their own IP address anyway. Perhaps that will discourage the "not so innocent" attempts.


I like that idea. I don't suffer from password change attempts that much, but I can see the advantages a community like this will have from it. Forums track IP addresses for one, so people with 'malicious' intents can be traced even there if need be. (Realizing of course that we're talking about maybe 5+ attempts, and not singled out cases.)

Offline Hugo

Attempted Password Changes
«Reply #24: May 29, 2008, 04:41:21 PM»
If you add IPs to those emails and it turns out it was someone trying to get into their old alt..

Doesn't that mean the privacy of their IP has been violated? I understand why  you would do that to a hacker, but what about the innocent situations?

They'd inadvertantly be giving their IP to a stranger.

_________________