Upvote Upvoted 0 Downvote Downvoted
someone has access to all of my accounts
posted in Off Topic
1
#1
0 Frags +

im getting emails from google and twitter that someone has my password to my account. I wouldn't give a shit since google and twitter block foreign logins automatically but the problem is I literally have the exact same password for hundreds of online accounts. All this guy has to do is go to random websites and login with my email and password and he can get everything. fuck he probably has everything already. he can access all my credit card numbers/banking info, me and everyone is my family's names and addresses, all my photos, messages, pincodes to get into my houses, my ssn, my college logins, I have scans of my passport, drivers license, health card, and maybe even my birth certificate on dropbox and evernote. what should I do? am I basically fucked???

im getting emails from google and twitter that someone has my password to my account. I wouldn't give a shit since google and twitter block foreign logins automatically but the problem is I literally have the exact same password for hundreds of online accounts. All this guy has to do is go to random websites and login with my email and password and he can get everything. fuck he probably has everything already. he can access all my credit card numbers/banking info, me and everyone is my family's names and addresses, all my photos, messages, pincodes to get into my houses, my ssn, my college logins, I have scans of my passport, drivers license, health card, and maybe even my birth certificate on dropbox and evernote. what should I do? am I basically fucked???
2
#2
42 Frags +

change your shit literally right now

change your shit literally right now
3
#3
14 Frags +

change everything you have

use lastpass or equivalent password manager asap since it can generate and remember random passwords to your accounts (don't let chrome/whatever browser store ur passwords either)

USE DIFFERENT PASSWORDS FOR DIFFERENT THINGS PLS

someone got into my steam account because they got my email password from another thing entirely. they can and will get into everything.

change everything you have

use lastpass or equivalent password manager asap since it can generate and remember random passwords to your accounts (don't let chrome/whatever browser store ur passwords either)

USE DIFFERENT PASSWORDS FOR DIFFERENT THINGS PLS

someone got into my steam account because they got my email password from another thing entirely. they can and will get into everything.
4
#4
-17 Frags +

how to internet 101

-use the same password for every site
-upload your fucking passport and BIRTH CERTIFICATE??????? on dropbox
-let your password get stolen

yeah man, you nailed it

how to internet 101

-use the same password for every site
-upload your fucking passport and BIRTH CERTIFICATE??????? on dropbox
-let your password get stolen

yeah man, you nailed it
5
#5
56 Frags +
Firehow to internet 101

-use the same password for every site
-upload your fucking passport and BIRTH CERTIFICATE??????? on dropbox
-let your password get stolen

yeah man, you nailed it

-kick someone who's already down

[quote=Fire]how to internet 101

-use the same password for every site
-upload your fucking passport and BIRTH CERTIFICATE??????? on dropbox
-let your password get stolen

yeah man, you nailed it[/quote]
-kick someone who's already down
6
#6
0 Frags +

this has happened to me a few times. nothing was ever taken.... just changed the important ones right away. the best advise i can give is for banking/paypal/really important shit, make a different username. if you catch it early you should be fine.

this has happened to me a few times. nothing was ever taken.... just changed the important ones right away. the best advise i can give is for banking/paypal/really important shit, make a different username. if you catch it early you should be fine.
7
#7
4 Frags +

I highly highly recommend everyone use two-factor authentication on every account/website they can.

It's definitely inconvenient every time you need to sign in, but it does add a decent amount of security.

I highly highly recommend everyone use two-factor authentication on every account/website they can.

It's definitely inconvenient every time you need to sign in, but it does add a decent amount of security.
8
#8
11 Frags +

alright, lets take a more constructive approach.

never use the same password for everything, you should basically have different passwords for every account, or at least use different passwords for you private mails and other important stuff like e.g. amazon so people dont buy shit on your costs. and dont be lazy and say "oh yeah doesnt matter they have my password, google doesnt allow foreign logins anyways". you should always be worried when someone got one of you passwords, because since you dont know how they got it they could have way more stuff than that.
if you cant remember lots of passwords you can use a password manager like keypass to store your stuff, all the passwords will be encrypted with a master password which has to be strong so nobody cracks it and you actually have to remember it or keep it on a physically safe place.
e: what samiface said aswell, different usernames/email for important stuff adds more security.

why the hell would you upload such important data do dropbox ? the only reason i see for this is doing cloud backups and i think thats a really bad idea anyways, especially when youre not caring about security. like its okay to backup your music there but not stuff like your passport.
if you feel the need to backup stuff into your cloud, use a program like truecrypt to encrypt it (and use a STRONG !!!!!! password).

i think not getting your password stolen is not just simple steps, first of all use strong passwords, at least for important logins like stated above. the main important thing about passwords being uncrackable is length, however you shouldnt take 0123456789 because it has 10 symbols xd_xd. Easy to remember are sentences where you swap some letters with symbols or numbers ( e.g. "Gr455_is-Gr3en").
however, when you tend to visit every site you get linked to and download random stuff then the chance that you get a virus / trojan is quite high so general browsing behavious is just as important as your passwords. i have no idea how youre browsing the internet, i can just tell you that there are lots of ways of getting a trojan and general use of your brain to avoid dubious looking sites and especially avoid downloading software from untrusted sources is a good way to start.

what to do now imo

i actually thought this is kinda self explanatory but you should just change all your passwords from sites where you have important data on, or where you generally dont want someone to login with your name. chances are that he already logged into lots of your accounts and stole or changed stuff in there, i dont know how well you can track logins and downloads in dropbox but thats definitely the first place i would check.

alright, lets take a more constructive approach.

never use the same password for everything, you should basically have different passwords for every account, or at least use different passwords for you private mails and other important stuff like e.g. amazon so people dont buy shit on your costs. and dont be lazy and say "oh yeah doesnt matter they have my password, google doesnt allow foreign logins anyways". you should always be worried when someone got one of you passwords, because since you dont know how they got it they could have way more stuff than that.
if you cant remember lots of passwords you can use a password manager like keypass to store your stuff, all the passwords will be encrypted with a master password which has to be strong so nobody cracks it and you actually have to remember it or keep it on a physically safe place.
e: what samiface said aswell, different usernames/email for important stuff adds more security.

why the hell would you upload such important data do dropbox ? the only reason i see for this is doing cloud backups and i think thats a really bad idea anyways, especially when youre not caring about security. like its okay to backup your music there but not stuff like your passport.
if you feel the need to backup stuff into your cloud, use a program like truecrypt to encrypt it (and use a STRONG !!!!!! password).

i think not getting your password stolen is not just simple steps, first of all use strong passwords, at least for important logins like stated above. the main important thing about passwords being uncrackable is length, however you shouldnt take 0123456789 because it has 10 symbols xd_xd. Easy to remember are sentences where you swap some letters with symbols or numbers ( e.g. "Gr455_is-Gr3en").
however, when you tend to visit every site you get linked to and download random stuff then the chance that you get a virus / trojan is quite high so general browsing behavious is just as important as your passwords. i have no idea how youre browsing the internet, i can just tell you that there are lots of ways of getting a trojan and general use of your brain to avoid dubious looking sites and especially avoid downloading software from untrusted sources is a good way to start.

[b]what to do now imo[/b]

i actually thought this is kinda self explanatory but you should just change all your passwords from sites where you have important data on, or where you generally dont want someone to login with your name. chances are that he already logged into lots of your accounts and stole or changed stuff in there, i dont know how well you can track logins and downloads in dropbox but thats definitely the first place i would check.
9
#9
-2 Frags +

Is storing chrome passwords that bad?

Is storing chrome passwords that bad?
10
#10
9 Frags +

Listen to what fire said, it's some solid advice
I really would edit your main post to remove the list of things he could have access to, it's unlikely he'd check here but if he does you've just given him a bunch of ideas of accounts to access

Listen to what fire said, it's some solid advice
I really would edit your main post to remove the list of things he could have access to, it's unlikely he'd check here but if he does you've just given him a bunch of ideas of accounts to access
11
#11
21 Frags +

paypal me all ur money i'll hold it while u get this sorted out

paypal me all ur money i'll hold it while u get this sorted out
12
#12
1 Frags +
Hawk-Is storing chrome passwords that bad?

yes, i dont know if chrome allows for a master password but if not (and obviously if you dont have it set up) everyone who gets access to your chrome data got all the saved passwords.
the same thing goes for firefox / thunderbird or anything where your passwords are stored AND filled in automatically without you need to type in any password or code.

e: heres a tool that can find lots of passwords stored on your computer, it only checks fot the most common programs tho so there might be more depending on what programs you use
https://github.com/AlessandroZ/LaZagne
sourcecode is included, use the precompiled version on your own risk but i doubt it sends anything around.

[quote=Hawk-]Is storing chrome passwords that bad?[/quote]
yes, i dont know if chrome allows for a master password but if not (and obviously if you dont have it set up) everyone who gets access to your chrome data got all the saved passwords.
the same thing goes for firefox / thunderbird or anything where your passwords are stored AND filled in automatically without you need to type in any password or code.

e: heres a tool that can find lots of passwords stored on your computer, it only checks fot the most common programs tho so there might be more depending on what programs you use
https://github.com/AlessandroZ/LaZagne
sourcecode is included, use the precompiled version on your own risk but i doubt it sends anything around.
13
#13
8 Frags +

hey its me ur brother

hey its me ur brother
14
#14
15 Frags +

https://imgs.xkcd.com/comics/password_reuse.png

[img]https://imgs.xkcd.com/comics/password_reuse.png[/img]
15
#15
-24 Frags +

i hope ur shit gets hacked retard

i hope ur shit gets hacked retard
16
#16
10 Frags +

If ure a lazy shit do what I do and have different strong passwords for your important accounts (main email, dropbox, bank, xhamster etc.) and a garbage password for everything else. There's no need to make 16 digit encrypted passwords for every troll account on random websites, but just make sure that your real accounts are secure and separate from your meme accounts.

If ure a lazy shit do what I do and have different strong passwords for your important accounts (main email, dropbox, bank, xhamster etc.) and a garbage password for everything else. There's no need to make 16 digit encrypted passwords for every troll account on random websites, but just make sure that your real accounts are secure and separate from your meme accounts.
17
#17
2 Frags +

ok so I did what flatline said and I've got some random passwords setup for everything with lastpass, I've turned on two step verification on a few of my most important accounts.

I'm very naive and thought something like this would never happen to me and have been really reckless with online security ever since I was young... It's translated into not locking my car and house most of the time too. It finally bit me in the ass this time around.

on accounts where I could see the last sign in I've discovered my attacker is a guy in kiev, ukraine. I'm on hold with my bank right now, transferring me to a higher up department to get my shit straightened out. I only have around $10k in my account so I'm not too worried about it, mostly worried about this guy stealing my identity.

I can't remember why I have scans of all my important shit backed up in anything other than google drive, that's where I messed up the biggest. they are surprisingly good scans too, possibly good enough for reproduction.

anyways let's hope this guy isn't a fucking dick and fucks up my life

heres a meme I found when going through my dropbox last night that got me kicked out of class in high school because I laughed so hard on the middle of class when I saw it on reddit:

https://s-media-cache-ak0.pinimg.com/736x/50/d0/82/50d082dc57f53ec88dbb3d2e84e5bfd6.jpg

ok so I did what flatline said and I've got some random passwords setup for everything with lastpass, I've turned on two step verification on a few of my most important accounts.

I'm very naive and thought something like this would never happen to me and have been really reckless with online security ever since I was young... It's translated into not locking my car and house most of the time too. It finally bit me in the ass this time around.

on accounts where I could see the last sign in I've discovered my attacker is a guy in kiev, ukraine. I'm on hold with my bank right now, transferring me to a higher up department to get my shit straightened out. I only have around $10k in my account so I'm not too worried about it, mostly worried about this guy stealing my identity.

I can't remember why I have scans of all my important shit backed up in anything other than google drive, that's where I messed up the biggest. they are surprisingly good scans too, possibly good enough for reproduction.

anyways let's hope this guy isn't a fucking dick and fucks up my life

heres a meme I found when going through my dropbox last night that got me kicked out of class in high school because I laughed so hard on the middle of class when I saw it on reddit:
[img]https://s-media-cache-ak0.pinimg.com/736x/50/d0/82/50d082dc57f53ec88dbb3d2e84e5bfd6.jpg[/img]
18
#18
3 Frags +

tbh if u aren't afraid of getting your car stolen and losing 10000$ is no problem what are u afraid of

tbh if u aren't afraid of getting your car stolen and losing 10000$ is no problem what are u afraid of
19
#19
1 Frags +
mostly worried about this guy stealing my identity.

i mean u read the post

[quote]mostly worried about this guy stealing my identity.[/quote]

i mean u read the post
20
#20
1 Frags +

I doubt that a random guy who Managed to get your passwords also knows how to make original looking copies of passports etc. except for the case that your default Username is istoremypassport@dropbox.com

I doubt that a random guy who Managed to get your passwords also knows how to make original looking copies of passports etc. except for the case that your default Username is istoremypassport@dropbox.com
21
#21
-2 Frags +

add a 1 to every password

or 2 at that maybe more secure

add a 1 to every password

or 2 at that maybe more secure
22
#22
0 Frags +
FireI doubt that a random guy who Managed to get your passwords also knows how to make original looking copies of passports etc. except for the case that your default Username is istoremypassport@dropbox.com

he doesn't have to know how, he just has to know a guy who does.

[quote=Fire]I doubt that a random guy who Managed to get your passwords also knows how to make original looking copies of passports etc. except for the case that your default Username is istoremypassport@dropbox.com[/quote]
he doesn't have to know how, he just has to know a guy who does.
23
#23
cp_granary_pro
1 Frags +

unplug your internet and they cant hack you

unplug your internet and they cant hack you
24
#24
1 Frags +
Daggerunplug your internet and they cant hack you

while we're at it just throw away any electronics so they cant access your account

[quote=Dagger]unplug your internet and they cant hack you[/quote]
while we're at it just throw away any electronics so they cant access your account
25
#25
0 Frags +

1, Go get Lastpass, it is a password manager that supports making randomized passwords. I don't know if your comfortable with having your passwords stored on a web server but Its an excellent choice in my opinion. If you don't want them stored in on a server just use keypass.

Example of a randomly made password.

qSNgv3wh6Yt5

(No it isn't one of my passwords, just a random one I generated just now)

2. If you choose to go the Lastpass way put on 2 factor auth and choose a STRONG and different master password. For 2 factor auth I like authy since I can link it my phone number and have it backed up with an encryption password in case I loose my phone somewhere as long as I am able to transfer my number to a new phone I don't loose access to all my accounts.

3) Change all of your passwords that are affected along with any that have been used across multiple sites

4) NEVER EVER reuse passwords across different sites.

5) TURN OFF STORING PASSWORDS IN YOUR WEB CLIENT

1, Go get Lastpass, it is a password manager that supports making randomized passwords. I don't know if your comfortable with having your passwords stored on a web server but Its an excellent choice in my opinion. If you don't want them stored in on a server just use keypass.

Example of a randomly made password.

qSNgv3wh6Yt5

(No it isn't one of my passwords, just a random one I generated just now)

2. If you choose to go the Lastpass way put on 2 factor auth and choose a STRONG and different master password. For 2 factor auth I like authy since I can link it my phone number and have it backed up with an encryption password in case I loose my phone somewhere as long as I am able to transfer my number to a new phone I don't loose access to all my accounts.

3) Change all of your passwords that are affected along with any that have been used across multiple sites

4) NEVER EVER reuse passwords across different sites.

5) TURN OFF STORING PASSWORDS IN YOUR WEB CLIENT
Please sign in through STEAM to post a comment.