Scared of having your account hijacked?

X

xdhavoc

New member
Scared of having your account hijacked?

I've read dozens of posts of people who have had their accounts stripped in the recent past. I, for one, would be pretty upset if someone took all my hard earned gear. Your account name is already typed in, so whoever is attempting to hijack your account has to know your account name first. Otherwise, knowing just somebody's password and not the account name is just as useless as knowing the account name and not the password, if that makes sense. If you're 100% sure you haven't downloaded any viruses or maphacks etc., then it's probably from someone you've encountered while playing D2.


Here's how to NEVER get your account stolen, unless the person stealing the account is standing right behind you:

When typing in your password, do the following:
Type something out in the password bar that is NOT your password. Something EASY to remember.
Example: diabloiscool

Obviously that's not going to be your password. Here's how you type in your password:

Using your mouse, highlight the first 2 or 3 letters and type in the first letter of your password. Now click at the end of the password bar and hit backspace once. Type a random letter/number. The password should now read "xbloiscoo9".

Now use the mouse again to highlight letters 2-4 and type the next 2 letters of your password. Then click on the end and type a given number of letters again. Your password should now read "xxxiscoo928". The numbers 928 represent 3 random keystrokes.

Repeat these steps until your password reads "xxxxxxxx". The x's represent actual letters that your password is. Any keyloggers installed on your computer will recognize the following.

"diabloiscoolx[backspace]9xx928x[backspace]xyiusxx[backspace]98x".

Anyone trying to discern that will have a lot harder time than usual.

If this sounds confusing and a complete waste of time, it's not. I used to do this when I feared that my computer might have a logger on it. It takes about 30 seconds when you get used to it. And TRUST ME, there's nothing worse than having everything you've worked to earn stolen from you when you least expect it.

I hope this helps some of you out and prevents more thefts.
:wink2:
 
Yes, that would give a very high level of security against keyloggers... but I suspect it's too cumbersome for many people.

A compromise might be to type the password once into a text file and use copy/paste... but won't help if your whole computer is hacked and the hacker figures out it's a D2 password.

Best of all, make sure you don't get a keylogger in the first place. ;)
 
I'm not scared as I don't use any 3rd party software.
I have had few dozen weird "failed logins" though total in 2 years, but no item/character has disappeared yet.
 
pip boy said:
If you were to type in 20 words into a word doc, can a keylogger spot which one you copy and paste?
Click to expand...
No normal keylogger could, they'll only see you keystrokes, not what your mouse is selecting. To get that info they'd have to scan your clipboard, or compliment the keylogging with pictures in some way ...

as far as I've understod it ...



 
if someone hacks my computer i'm more woried about him/her stealing something else... not my diablo password:azn:
 
i was slightly scared of this, id unno what a keylogger is but i started through some decent gear on a seperate account just incase something unforutante does indeed happen
 
Part of the problem is not that people don't use common sense but that there are numerous weak spots to get hacked.

1. Do not under any circustances use the same password on a forum as your diablo account. I am convinced that the forum has been hacked and someone has your password here.
2. If you can avoid it don't use hotmail or yahoo mail for password recovery as those could maybe get hacked also. You must register a e-mail on the forum when you register and if the forum is hacked, as I suspect it is, then they have your e-mail and can just use it for password recovery. At the very least use a different one for password recovery and different one for forum. Also make your password for your e-mail more complicated than your 4 digit banking pin no. a symbol, a number, and a letter at least. And this is most important, do not use the same password on your hotmail as the forum. Again, if forum is hacked, they have that password and can easily try it on hotmail and very easily do the password recovery. At least 4 hacked people i have poled used same password here and hotmail. Weak link. Here is not secure.
3. no third party software.
4. no simple passwords, but I am convinced you don't need a real complex one either....after 3 failed attempts you get a short time ban so it is virtually impossible to do trial and error. Just mistype your password 3 times and find out.

My 2 cents.
spiff
 
If you're using the same password for everything, that's stupid and getting your d2 accounts stolen is the least of your worries.

Using hotmail or yahoo is fine, just dont be a fool and make your password recovery something easy.
IE One of my friends password queston was "whats my cats name" don't do something like that. If someone even takes the time to find the email I use on this forum and or for my d2 accounts, the password recovery question has absolutely nothing to do with the answer.


Most people lose their accounts out of stupidity (no offence to anyone) not to some masterful hacking plan.
 
If you see a thread about someone being hacked, just take a look at his/her postcount, it says it all imo.

And what's the deal about these keyloggers anyway? Unless you download something (that is NOT fishy) you can never get it on your computer, right?

If my password would be "doggie" it would be just as hard for anyone to guess as if it would be "OO00?hoPp" since they have no clue where to start.
 
xdhavoc said:
If this sounds confusing and a complete waste of time, it's not. I used to do this when I feared that my computer might have a logger on it.
Click to expand...

Lol man, you're really paranoid. As to the password selection ALWAYS use the strong one, like "10wnUn00b2" rather then your dog's name. :wink3:
Also don't use the same password everywhere. Really it's not that hard and it really isn't wise to have the same password to your all email accts, forums, ebay and bank accts. I have about three differnt passwords that I use all the time, but everywhere I put the different numbers at the end, so it's easy to remember, but there are not 2 identical passwds (and I really use them in many, many places). Just remember that the weakest link in the security systems chain is usually a man. Cheers



 
easy password is good anywat becouse of ban after several wrong tryies it would take extremly long to brutforce password

if u dont have ofc 123456 or password as your pswd
 
and btw no one is interest in your d2 pswd only d2 people so only way to get keylogger that got your d2 pswd is by download d2 3rd party programs...
and u can use your pswd any where u want on bigger forum... admins dont know your pswd ... they can change it but cant read it..
 
OsTo said:
and u can use your pswd any where u want on bigger forum... admins dont know your pswd ... they can change it but cant read it..
Click to expand...
How can you be sure that is the case? And how about the people setting up the servers and such? Or what if the servers is compromised? :wink3:



 
And what's the deal about these keyloggers anyway? Unless you download something (that is NOT fishy) you can never get it on your computer, right?

Actually...

If you have an insecure browser, or have not kept up with windows security updates, someone could use (among other things) java or activex to exploit the holes and download something on to your computer without you doing more than visiting their website. That's how most people get browser hijacked or end up with pop-ups.
 
That's nice. What does my post count say?

I assure you there is no keylogger on my computer, or the idiot that hacked me, would have hacked my good account and not the one I keep my garbage on. Plus I go nowhere NEAR any 3rd party sites.

It IS possible to get passwords. I have no idea how. I am left to assume they brute force them from time to time.

If blizzard would just make a number limit on number of failed logins before a 15 minute ban, it would help a bit.

I don't use the same passord for my account as for any forum.
 
Zarniwoop said:
It IS possible to get passwords. I have no idea how. I am left to assume they brute force them from time to time.
Click to expand...

Of course it is, but bruteforcing is a lot of work as far as I have read and not really worth it.

People most often if not always give out the acc and pass themselves without realizing it, there are so many tricks these days.
Just don't enter the acc/pass anywhere else except the battlenet logging screen.



 
Zarniwoop said:
That's nice. What does my post count say?

I assure you there is no keylogger on my computer, or the idiot that hacked me, would have hacked my good account and not the one I keep my garbage on. Plus I go nowhere NEAR any 3rd party sites.

It IS possible to get passwords. I have no idea how. I am left to assume they brute force them from time to time.

If blizzard would just make a number limit on number of failed logins before a 15 minute ban, it would help a bit.

I don't use the same passord for my account as for any forum.
Click to expand...

I'm not 100% sure this is in response to my post, but it looks like it is to me, so...

1) I did not say you personally had a keylogger, I said that it is possible to end up with malware such as keyloggers on your pc without actually deliberately downloading anything.

2) Did you just try to reference your ability to type things and click the submit button as a valid reason to listen to you? Seriously?



 
Log in to Reply / Create Site Account
Remove Ads - Go PurePremium

Latest posts

Back
Top