I Was Hacked.

Soldato
Joined
23 Mar 2011
Posts
13,767
Location
West Side
Recieved an email from Overclockers forum while i was watching youtube on Tuesday evening saying that my email had just been changed , If this wasnt you log in and make changes to your account. Panic stations it wasnt me.

Tried my username and password , password invalid , tried my email to log in email not recognised. Damm i was stuck

Ive been Hacked :confused:

Contacred Overclockers left them a webnote but 24 hrs later i was impatient phoned them as i was worried that the hacker may use the members market to scam another forum member.

And the cheeky beep beep had actually did this selling a rtx 3070 (im still rocking a gtx 980ti) but Overclockers was on the ball and froze my account. The dam cheek of the scamner he even posted a topic called why was i banned and threw insult at admin.

So all sored now with the help of Overclockers and @Feek for guiding me threw the proces and helping me set up 2 step verification on my account.

Maybe @Feek could a guide with pics but heres what i did.

I downloaded Austy
Entered my phone number.
Got activation txt.
Added overclockers forum in Austy.
Enabled 2 step verification in my overclckers account .
Scan qr code or enter code manually.
Done.

@Feek has done a thread advising everyone to enable 2 step verification.

Link
https://forums.overclockers.co.uk/threads/please-enable-2fa-on-your-ocuk-forum-account.18939496/

Tx for listening .
 
Soldato
Joined
21 Jan 2010
Posts
12,069
Micky my man, you were not "hacked". You simply used the same password for OCUK as you did on another site. That other site must have exposed your password, either in plain text or encrypted - if it was encrypted, it was easily 'decrypted' using a rainbow table. This is why you need to use complex passwords, because we know the encrypted versions of every simple/previously breached password and this means they are now totally pointless, forever more.

Your deets were then sold to some chancers out in India who tried to create a convincing MM for sale thread in your name.

Good job on promoting 2FA though, as this gets around the issue of passwords becoming more and more meaningless as more and more breaches happen.
 
Caporegime
Joined
9 Aug 2008
Posts
30,550
Location
127.0.0.1
@mickyflinn get yourself a password manager, something like bitwarden.

Every site should have a different password longer than 12 chars. You never need to remember a password again and they are generated via the software automatically for you to copy and paste.
 
Soldato
Joined
7 Nov 2009
Posts
19,078
Location
Glasgow
See with password managers, can you use these on different devices? For example, can I have it on my PC, iphone and work laptop (the latter I can’t install software on)?

Also, what happens if the password manager password is compromised? But I guess that’s not a problem with 2FA.

What’s the recommended, free, password manager?
 
Soldato
Joined
23 Oct 2013
Posts
10,669
Location
Surrey
I was just a numpty yesterday and the amount of help, patience and understanding from @Maccy and @Feek was very impressive.

We have good admins, I've been the wrong side of a few before but whenever there is an issue it's solved very quickly!
 
Soldato
Joined
5 Mar 2010
Posts
10,453
See with password managers, can you use these on different devices? For example, can I have it on my PC, iphone and work laptop (the latter I can’t install software on)?

Also, what happens if the password manager password is compromised? But I guess that’s not a problem with 2FA.

What’s the recommended, free, password manager?

Yes Bitwarden you can run in your browser and on your phone so wherever you go.

And yes your account is only as secure as your master password is. It's fundamental to use 2FA on this - i'm not sure if Bitwarden force you to use 2FA.
 
Soldato
Joined
28 Oct 2006
Posts
12,230
Location
Sufferlandria
See with password managers, can you use these on different devices? For example, can I have it on my PC, iphone and work laptop (the latter I can’t install software on)?
Yes. I have it on my phone and as a chrome plugin on all my machines. Possibly not on your work laptop if you can't install software (can you install browser plugins?) With BitWarden you can access your passwords through the browser without the need for any additional software.


Also, what happens if the password manager password is compromised? But I guess that’s not a problem with 2FA.
Yep, that's one of the risks of using a password manager. It reduces the risk of a leak from one site effecting any others by reducing password reuse. I've got almost 300 passwords stored in mine and each one is unique, there's no way I could remember that many unique passwords so without a password manager I'd have to reuse passwords. But then there's the risk of your password manager being compromised. I've decided that it's worth the risk to use one with a strong password and 2fa setup on it.
 
Soldato
Joined
22 May 2010
Posts
8,078
Good job the admin locked that for sale thread pretty quick. It was literally within minutes of it going live.

Sorry to hear it was you, i would change all your other passwords relating to that email address or just bin it completely and start a fresh.
 
Soldato
Joined
6 Oct 2004
Posts
15,888
Location
Birmingham
Also, what happens if the password manager password is compromised? But I guess that’s not a problem with 2FA.

The idea is that you only need to remember a single super strong password which is extremely hard to crack and you never use anywhere else (e.g. make up a sentence about something, throw in a few symbols and digits, it soon becomes muscle memory to type it quickly).

That way when you fall for a phishing email from overcIockers.co.uk, you don't also give away your Internet banking and pornhub passwords
 
Soldato
Joined
19 Jan 2006
Posts
14,576
See with password managers, can you use these on different devices? For example, can I have it on my PC, iphone and work laptop (the latter I can’t install software on)?

Also, what happens if the password manager password is compromised? But I guess that’s not a problem with 2FA.

What’s the recommended, free, password manager?

keepass - used for years across multiple devices
 
Soldato
Joined
23 Mar 2011
Posts
13,767
Location
West Side
@mickyflinn get yourself a password manager, something like bitwarden.

Every site should have a different password longer than 12 chars. You never need to remember a password again and they are generated via the software automatically for you to copy and paste.
Tx will look into this.

You weren't hacked, stick your email address you use here into: Have I Been Pwned: Check if your email has been compromised in a data breach
Scared to try it is it legit ?
.
Ah yes the usual excuse. I'll never forget you calling me a scumbag for banning you and ruining your reputation :eek:

I have no reputation to uphold and would have used far stronger insults ;).

Tx for the help.
 
Top Bottom