Gmail aliases are your normal Gmail address followed by a + then whatever. e.g. Shahed+supersecretpsnalias@gmail.com
They will know your actual email address but you can create bespoke logins.
-
Hey Guest. Check out your NeoGAF Wrapped 2025 results here!
Add me to the PSN account hacked list
- Thread starter Soulflarz
- Start date
Gmail aliases are your normal Gmail address followed by a + then whatever. e.g. Shahed+supersecretpsnalias@gmail.com
They will know your actual email address but you can create bespoke logins.
oneils
Member
Changing your psn name essentially means creating a new psn account. Could lead you to believe that changing an email address is as difficult as changing a name.
Ah I see. Thanks
D
Deleted member 325805
Unconfirmed Member
Deleting my card just to be safe. I'm curious and just throwing the possibility out there; could the resurgence of hacks be due to people buying account info from the original big PSN hack a couple of years back? Meaning dark web sales etc of the account info. I wouldn't put it pass some people to have not bothered to remove old cards or attachments to old passwords etc.
Seven Force
Banned
Man, looking at these threads, I guess it's a blessing that PSN never accepted my CC for whatever reason and forced me to use PSN cards instead.
Sony forced password resets. Old cards wouldn't be an issue either: Sony claims there hasn't been an incident that could be linked to that hack, and any of those would be probably expired after 5 years.
Calling things like this 'hacks' is kind of a pet peeve of mine. They didn't hack anything, they had your email and password in advance. Sony did have a real hack a few years back, this is not that. They really do need to improve security, including the 2 step authorization that people think will save them.
a friend of mine account got hacked and close to $500 dollars were expend on neverwinter crap and i kept telling him to use prepaid psn cards, i tell that to everyone, also make sure your password is a mix of numbers and letters containing capital and lower letters, make it long and write it down if its difficult to forget, it will not be impossible to crack but at least it will make it damn hard
There is something going on
Maybe gaf got hacked.
With respect, you're not giving your friend very good advice.
It's not necessary to use PSN cards. Just manually put in your payment details when you want to make a purchase and remove them afterwards. This is a good habit to have on any online store not just on PSN.
For passwords, use a password manager such as 1Password (they should pay me commission) to generate 30 character unique passwords. Writing down passwords is bad practice.
i don't consider writing down passwords a bad practice, I've done it for years and is great as long as you're an organized person, about PSN cards is a personal opinion, i much rather use only PSN prepaid cards and recommend that to everyone i know for every service i got, steam, psn and on the previous generation xbox live
test_account
XP-39C²
Isnt this pretty much standard?
Ban Puncher
Member
Do not use your credit card or PayPal account on PSN.
If you have no other option but to use your credit card or PayPal, use it for the transaction you wish to make but do not save your billing details.
You should only use pre-paid PSN cards, even if it is a slight inconvenience.
Protect ya neck.
If you have no other option but to use your credit card or PayPal, use it for the transaction you wish to make but do not save your billing details.
You should only use pre-paid PSN cards, even if it is a slight inconvenience.
Protect ya neck.
That's because it isn't. I've done it for years, I have all my email accounts, and website accounts on a book, organized by colored tabs. I can find the info I want in no time.
Maybe he thought you meant writing it on a napkin or something. :3
Depending on the site some will send you email that something has been changed or ask for email confirmation.
All behold the digital future!
*hugs physical game collection*
*still has thousands in digital content*
At this point, I almost feel like it's safer to keep the payment options in there. Seems like the fastest way to be alerted to the hack and know to change your password. Losing $50 is a small price to pay for saving the rest of the account.
Or, you know, 2fa would be great.
*hugs physical game collection*
*still has thousands in digital content*
At this point, I almost feel like it's safer to keep the payment options in there. Seems like the fastest way to be alerted to the hack and know to change your password. Losing $50 is a small price to pay for saving the rest of the account.
Or, you know, 2fa would be great.
test_account
XP-39C²
I'm not sure if i would call it really bad security in general, but i agree that its much better security to have an extra layer there that protects from account hijacks like this. I think everyone should use such method. Only downside i can see is if you somehow lose access to the original e-mail account and you cant change your login name because of that, but overall i see it as more of a positive thing.
Someone should start a 2fa campaign on Twitter or something.
lifa-cobex
Member
Well you can't change your PSN name. You can only create a new account with a new name.
I would say they are leading in popularity in console terms.
Honestly I don't think Sony really gives a fuck anymore.
If a hack happens, they get money.
IF they were playing the underdog (lets say for example MS and the releasing of game on PC to win favor). I would imagine they would be on it and people would be celebrating them defending the little guy.
Just foil hat thoughts.
Jacksinthe
Banned
The only way someone will get to a piece of paper is if they break in your home. At that point, your PSN account is the least of your worries.
Password managers are far more vulnerable and have been hacked before, as well.
You're not giving good advice to whom you quoted, either :|
AyaisMUsikWhore
Member
You are right about this... The accounts aren't hacked as if they used a script code to get into the account... This is basically an account take over. I do hope that 2 step comes soon...but imo, it shouldn't even take Sony this long... It's just so incompetent.
Rellik
Member
I think he's referring to when Sony force a name change and they have to create a new account for you on their end and you lose everything but your games.
lifa-cobex
Member
Fair point.
styl3s
Member
Considering people complain almost on a daily basis now about being hacked you would think people would start doing this. People, don't leave your credit information on accounts that can easily be hacked and doesn't have two-step.
Hell, i don't leave my credit card information on anything because it takes 30 seconds to type in that debit card information, buy whatever i want and then delete that information.
The password manager I recommended (1Password) hasn't been breached and even the LastPass hack didn't expose users' password vaults.
Writing down passwords (can be lost, inconvenient/risky to carry on your person, PITA to generate, write out and input 30-60 character passwords, "is that an o or a 0?" etc.) pales in comparison to using a password manager in both security and convenience.
So yes, I am giving good advice tyvm.
Bear in mind that even if your password is unique to PSN, if it's a simple one, they can just guess their way in if they have your UserID/email.
To anyone trying to guess or brute force my PSN password:
Still, it doesn't excuse Sony taking this long to implement two-factor authentication. One can only assume that they simply don't give a shit at this point, otherwise it would have been done a long time ago.
To anyone trying to guess or brute force my PSN password:
Still, it doesn't excuse Sony taking this long to implement two-factor authentication. One can only assume that they simply don't give a shit at this point, otherwise it would have been done a long time ago.
Yes, that's it. Sony is playing dirty tricks on their customers. You've cracked the secret code. Well done!
Nah. We have a reasonable idea what is going on. Some loosely related website has been hacked and some unscrupulous person(s) are data mining for paired accounts, which they monetize by selling them to third parties. The hacker(s) might be cross referencing the newly obtained info with old email dumps, searching for a correlation. When the hacker(s) are finished with the information, they will sell the data on a Black Hat forum for a pittance, news will eventually spread, and we will discover where the leak originated from. It might be a popular PlayStation message board, news or streaming website. We will eventually find out after a couple more months of "OMG my account has been compromised!" posts.
Jacksinthe
Banned
Not been hacked != Never will be hacked, smh.
And good practice is good practice. Self-management instills knowledge and understanding through repetition.
You can't honestly be suggesting storing ALL of your passwords on a server accessible to ANYONE on the internet is safer than storing them manually, are you?
Storing them by hand in your possession is vastly safer than storing them in someone else's possession with people trying to beat down their door daily.
How is a password vault stored on Dropbox accessible to "anyone" on the Internet?
You don't even have to store the vault online if you don't want to, it's optional with 1Password.
Please stop spreading FUD and ignorance.
Jacksinthe
Banned
Ho boy!
Highly classified protip: if it's accessible from the internet or has access to the internet - it's vulnerable!
You think people are targetting PlayStation accounts in an organized fashion to make money by selling them? Who would purchase these accounts or this information which can be quickly changed by the owners' bank the moment they report fraudulent charges? Or when Sony bans said accounts and they lose their value instantly?
And that "OMG" feels dismissive and condescending. Are you irritated by seing people post about their troubles?
Spiral Insanity
Banned
I'm getting scared now. Maybe this is related to those big PSN hacks from some time ago, and they found a backdoor into the database?
You didn't even know that password vaults can be kept and synced locally for the super paranoid. I think you should quit while you are ahead instead of needlessly trying to scare people away from using something convenient and effective to lock down their accounts.
DarkestHour
Banned
I had $25 added to my account the other week and quickly changed my password and removed my payment info. Unfortunately, removing my payment presents Playstation Vue from renewing so I had to put it back in.
In addition to two factor, I want to know from where and when money is added. The PSN site just said funds were added but didnt tell me the method or from where. For example, what is the IP address of the system adding money?
In addition to two factor, I want to know from where and when money is added. The PSN site just said funds were added but didnt tell me the method or from where. For example, what is the IP address of the system adding money?
runnin_blue
Banned
Any chance some gaming websites can start covering this? It seems like a pretty big deal. Or have I missed them?
The login to Dropbox itself can be a highly-complex password as well as have 2FA enabled. 1Password vaults are also VERY heavily encrypted using complex multi-layered algorithms (I think you can even customize the number of layers) such that even highly-powerful machines take a few seconds to validate the password entered; a brute forcing approach is simply not possible in anything resembling a reasonable timeframe.
That said, paranoia about PSN's security has lead to the password of my main account being the one thing I have memorized and not written down anywhere, including my 1Password vault. Canada unfortunately doesn't have a good avenue for buying codes online at cost, so I buy PSN cards from a nearby drugstore.
Maybe they are being moneyhatted by Sony to not cover it
I don't know why they haven't yet but hopefully they will.
tiredheadcrab
Member
I never put a Credit Card on Xbox live until it got 2 step. I would always but the money cards from Gamestop or Amazon. I do have an expired CC on my PSN account but like i said its expired and not even the same type of card they use now.
My recommendation, use Last Pass and pay the $12 a year. I know it is free but you also get mobile support. I have the extension installed on Chrome, Firefox and now Edge with the anniversary update. I also have the app on my computer from the Windows store. It works great and it synces your passwords between accounts.
I also got hacked last March. It sucks.
My recommendation, use Last Pass and pay the $12 a year. I know it is free but you also get mobile support. I have the extension installed on Chrome, Firefox and now Edge with the anniversary update. I also have the app on my computer from the Windows store. It works great and it synces your passwords between accounts.
I also got hacked last March. It sucks.
TheSpoiler
Member
It's more likely that someone is capturing emails and passwords and using them on popular websites to see if they work. And if they get in, the chargebacks and account switching still take quite a bit a time. Due to the nature of people not knowing how to deal with chargebacks, they could potentially have access for quite a while as things get sorted.
Maybe they are being moneyhatted by Sony to not cover it
I don't know why they haven't yet but hopefully they will.
Probably because there's no proven correlation, or actual "hack". The 2FA SHOULD be covered, but to claim there is a mass scale attack, or even one of some sort, needs more direct evidence. Sony themselves would be up for a lawsuit if they were scooting it under the rug, which is why it probably isn't some 2011 attack and just previous website passwords and emails being used.