URGENT: If you use same password on MESO that is used on other forums or email accounts...

Discussion in 'Security, Privacy & Anonymity' started by Millard Baker, Sep 9, 2019.

  1. Link to recent bust, please.
     
    chocolatemalt and Seven like this.
  2. Seven

    Seven Member AnabolicLab.com Supporter

  3. Seven likes this.
  4. Millard Baker

    Millard Baker Member

    Change your MESO password to a unique one. The password should not be shared. It should not be used anywhere else.

    DO NOT USE THE SAME LOGIN CREDENTIALS ON MULTIPLE WEBSITES!
     
    Perrin Aybara likes this.
  5. Millard Baker

    Millard Baker Member

    DO NOT USE THE SAME LOGIN CREDENTIALS ON MULTIPLE WEBSITES!
     
  6. Eman

    Eman Member

    An easy way to make complex passwords is to type sentences that are unique to the website you are logging into.

    For Meso: Iamtryingtologintomeso!1

    For Bank: Iwanttologintomybank!1

    Etc.

    This makes for a complicated password to hack that is easy to use in a unique way for multiple websites. The key is to make it random/odd enough that only you know how to read/write it.

    Another, better, method is to use an acronym:

    Iwtlim!1 = I want to log into meso + special character + number

    These are easy to remember and also make unique to each website you have a username and password for. This method is superior because it uses "words" that aren't in a dictionary. The example above would take over 6 years to crack (it was a simple example) the first example would take about 1 quintillion years to crack. Adding an extra character or some numbers would make it increasingly more difficult to crack and still very simple to remember.
     
  7. Artifex

    Artifex Member

    Pretty smart , thanks for the ideas
     
  8. Millard Baker

    Millard Baker Member

    Yeah. But once a hacker sees the pattern, they can easily use it to figure out passwords on other sites...
     
    Northern Nutrition likes this.
  9. Eman

    Eman Member

    I agree, I held off on posting because of that... Just putting some ideas out there for people. A password manager with patternless passwords is more ideal however, most people just aren't going to do it until after they have already been compromised.

    With that said, even though there is technically a pattern going on... These are still difficult passwords to crack if you make it as unique as possible. For example, I want to log into my email was a generic password suggestion and so were the numbers. Changing the example to make it unique such as Yahoo email or Yahoo account or Yahoo email account makes it more unique and extremely difficult to crack even with a pattern... It would take an extremely sophisticated hacker to recognize that there is even something of a pattern occurring across multiple passwords. I was probably being a little generic with my example.

    I get your point though. I still thought patterned passwords were better than using password for the password. :)
     
    AIRBORNE DADDY and Perrin Aybara like this.
  10. Glocker

    Glocker Member

    Just had trouble with 2FA on meso needed to use backup code. 2FA worked earlier but did not send code just now so needed to use backup code. Why?
     
  11. Millard Baker

    Millard Baker Member

    Was it the two-step verification method that used email verification for a code?
     
  12. Glocker

    Glocker Member

    Yeah was supposed to send code to email attached to this account and code never showed up checked spam folder still not there as of now. Worked earlier today though. I used one of the bu codes that worked.

    EDIT - i think there is an app option? I never used that.
     
  13. Glocker

    Glocker Member

    I made sure the email address shown that it was sending the code to was exactly correct and it was exact.
     
  14. Millard Baker

    Millard Baker Member

    Please use the AUTHY app option. It provides better security than the email verification 2FA.

    Furthermore, to answer your previous question, DDoS attacks over the past 48 hours have disrupted the forum's ability to send email notifications. This is yet another reason to use the AUTHY app.

    See this thread for details:

    Meso emails?
     
  15. Glocker

    Glocker Member

    Understood. The 2FA email literally just came thru. Thanks.
     
  16. Uglyrichie

    Uglyrichie Member

    I don't know if anyone's said it yet. Thanks Millard for keeping everyone updated and getting out there about changing passwords. If you go by the word of that douche none of these other peeps are letting people know and look at the bullshit that has caused. Thanks man it's very much appreciated.
     
    Artifex likes this.
  17. Millard Baker

    Millard Baker Member

    You are welcome. I doubt many sources who have been hacked are thrilled to have this information publicized. They may not want the public to know that they are being extorted or that their servers are vulnerable. But it's happening and there is a lot of customer data at risk.
     
    EazyE, Cityofgrit and Eman like this.
  18. Artifex

    Artifex Member

    I am glad you are top of the things !
    Thank you for that and helping us being more cautious and pointing out using 2FA with Authy and on and on .
     
    Neewbiest guy likes this.
  19. DickyBetts

    DickyBetts Junior Member

    Is that why I can't log onto SF?
     
  20. Millard Baker

    Millard Baker Member

    I don't know. But if you used the same login credentials on multiple websites, you should immediately change your passwords.