Two step won't help if you also use that password on other sites. It'll just help keep them out of your gmail
Hopefully the damn thing is an hash steal, not a clear password steal.
May be a keylogger network thing, though.
Two step won't help if you also use that password on other sites. It'll just help keep them out of your gmail
You shouldn't even be doing that in the first place. Sit down, educate yourself on password managers and set aside 1-2 hours to then change all of your passwords to a unique one for each site.
Baffling how many people still don't use them.
Relevant:
It was at the time. I'm not sure if cracking algorithms have made it easier to crack string-of-words passwords now. It's still safest to use a long, randomly generated string of characters, but obviously that's not realistic for most internet users.Huh, is this true?
Huh, is this true?
Huh, is this true?
Change your way of thinking... Avoid password and change for Passphrase when creating a password. Example: MyCatNameIsFluffy247!HowCute! But each site NEED to have its own passphrase.
But the best approach still is use a password manager like lastpass + 2nd factor authentication (on my case I use Lastpass + Yubikey)
https://www.yubico.com/products/yubikey-hardware/
Just changed my password on Hotmail. Looking at recent activity can be scary.....
Security challenge Today United Kingdom
Successful sign-in Today United Kingdom
Successful sign-in Yesterday United Kingdom
Incorrect password entered China
Successful sign-in United Kingdom
Incorrect password entered China
Incorrect password entered China
Successful sign-in United Kingdom
Incorrect password entered China
Incorrect password entered Korea
Successful sign-in United Kingdom
Incorrect password entered Korea
Account Settings> Security & privacy > See my recent activity
Which is a shame when you encounter a site that limits the length of a password to 8 or less characters.
That's interesting. In the past month I had two attempts from China and one from Indonesia.
It was at the time. I'm not sure if cracking algorithms have made it easier to crack string-of-words passwords now. It's still safest to use a long, randomly generated string of characters, but obviously that's not realistic for most internet users.
Why is gmail not prompting everyone to change their passwords yet?
This just happened to me when I registered to an online storeThe worst is when you register on a website and then they send you a welcome e-mail that contains your username and your password in plain text (the one you've just typed). If they have it in plain text that means they don't even encrypt it in their database.
Why is gmail not prompting everyone to change their passwords yet?
Just changed my password on Hotmail. Looking at recent activity can be scary.....
Security challenge Today United Kingdom
Successful sign-in Today United Kingdom
Successful sign-in Yesterday United Kingdom
Incorrect password entered China
Successful sign-in United Kingdom
Incorrect password entered China
Incorrect password entered China
Successful sign-in United Kingdom
Incorrect password entered China
Incorrect password entered Korea
Successful sign-in United Kingdom
Incorrect password entered Korea
I actually had quite a few successful logins from Germany on my Hotmail account. Looking at the history these go back for a while and they are all POP3. Me thinks this is my GMAIL pop setup accessing Hotmail.
Does Gmail have a security log?
Does Gmail have a security log?
I feel like I should point this out (if it hasn't already) and remind people as I keep forgetting it's there too, as we don't know what passwords were taken, if you have 2 step auth on a Microsoft account you most likely have 2 passwords. Why? Because some apps such as the live mail desktop app (and live essentials), the 360 (I think) etc and possibly other services don't support 2 step auth. So it creates a seperate password from your main one to let you log on to those services.
Just changed my password on Hotmail. Looking at recent activity can be scary.....
Anyone remember a few years ago when there was some exploit of Yahoo Mail and some app?
Incorrect password entered 5/4/2016 7:20 AMRussia
Incorrect password entered 4/28/2016 3:03 AMChina
Incorrect password entered 4/17/2016 7:28 PMKyrgyzstan
Incorrect password entered 4/17/2016 1:03 PMRussia
Incorrect password entered 4/16/2016 8:10 PMUnited States
Incorrect password entered 4/16/2016 9:01 AMCanada
Incorrect password entered 4/16/2016 6:15 AMChina
Incorrect password entered 4/13/2016 5:16 AMRussia
Incorrect password entered 4/12/2016 6:58 PMBelarus
Incorrect password entered 4/9/2016 5:20 AMUnited States
Just changed my password on Hotmail. Looking at recent activity can be scary.....
Security challenge Today United Kingdom
Successful sign-in Today United Kingdom
Successful sign-in Yesterday United Kingdom
Incorrect password entered China
Successful sign-in United Kingdom
Incorrect password entered China
Incorrect password entered China
Successful sign-in United Kingdom
Incorrect password entered China
Incorrect password entered Korea
Successful sign-in United Kingdom
Incorrect password entered Korea
So you're saying my AOL account is safe?
Neither, I think. I meant that that's the current reality: very few people use long random character passwords and very few are likely to start.Of course it is. That's why password managers exist. Or are you saying that people are too dumb to use one?
It is baffling.
We have threads like these every two months or so.
Learn 2 Internet, folks. If you hate password managers at least come up with a system
Relevant:
So, seems like a story that sounds like bullshit was actually bullshit?
Hasn't been relevant for a while, people go for dictionary based attacks these days.
Just changed my password on Hotmail. Looking at recent activity can be scary.....
Security challenge Today United Kingdom
Successful sign-in Today United Kingdom
Successful sign-in Yesterday United Kingdom
Incorrect password entered China
Successful sign-in United Kingdom
Incorrect password entered China
Incorrect password entered China
Successful sign-in United Kingdom
Incorrect password entered China
Incorrect password entered Korea
Successful sign-in United Kingdom
Incorrect password entered Korea
Does Gmail have a security log?
Haven't they always? Back in the day when I used to be interested in....uh...more unsavory activities on the internet I always went for the dictionary attack first. And that was a good 20 years ago now.