If you have "no place to go," come here!

Sorry about that....

Now up and running again. I stretched out a server payment one day too far!

And on top of that, my email account just got hacked. Any advice?

Please tell me all I have to do is change the password!

NOTE Sorry I've been posting less often; I'm coming down the home stretch on version two of the site redesign, a pre-requisite for the fall fundraiser....

No votes yet


quixote's picture
Submitted by quixote on

what are the symptoms? You've lost all control of the account? You can still get in, but so can they, and they can send emails from it? Something else?

If you can still get in, step one would presumably be to change the password, but you've no doubt already done that.

Submitted by lambert on

got in, and sent some mail with bad links in it.

I have control over the account, and changed the password.

It's a Yahoo account, so there aren't a lot of bells and whistles (as in, its not programmable, I don't think).

Jeff W's picture
Submitted by Jeff W on

I got an email message supposedly from you at the email address you have, lambert.

It’s an obviously spurious message “wow this is pretty awesome you should give it a look” with a URL. I deleted it, knowing it was not from you. (In fact, Gmail flagged it — “Be careful with this message.”) Just FYI.

[Edit: Oops, this comment “crossed” yours—obviously, you know about the cracked email account.]

Submitted by YesMaybe on

One thing is to change the password on other accounts (if any, hopefully not) you have which had the same password. Maybe consider harder passwords. Mine when it got hacked was pretty short. Now I'm using keepassx and really long random passwords. There are other similar programs/services. Of course, that means I don't remember any of my passwords except gmail (on which I've kept the one reasonably secure password I do remember). But most of them (not banking, etc.) I have the browser remember anyway, so it's not too much of a hassle.

The only effect of mine having gotten hacked is I get spam messages on yahoo messenger ocassionally from accounts which I then block. But maybe I'd get those anyway, I'm not sure.

hells kitchen's picture
Submitted by hells kitchen on

through an email program on your computer. If the latter, are you using SSL to filter your mail. If Yahoo does not provide SSL settings for the direct access of your email on your computer's email program, you might have to find another service.

illusionofjoy's picture
Submitted by illusionofjoy on

To make it harder to crack, most IT departments recommend - if not outright require - one to use different cases, numbers and special characters in a password. For example:

suntan = weak
$u2+@N = strong

The main downside of a strong password, of course, is that you've possibly made your accounts safe from access from yourself if you can't remember the damn things!

Jessica Yogini's picture
Submitted by Jessica Yogini on

I read somewhere that most hacking now uses high-speed brute force methods and that therefore, mixing in numbers and symbols no longer has much point, but instead making the password very long is better.
I don't know enough to judge if this is accurate or not. If it is, the easiest would be to make a password out of a series of words or even a famous phrase. "Fourscoreandsevenyearsago" is nice and long and easy to remember, for example.

Kathryn's picture
Submitted by Kathryn on

... last december, in that the entire encrypted password file for all members was taken.

That was posted online. And since then there has been steady work by hackers to break the passwords. Mine got hit in July hence I had to look into the issue.

We are at the point that even with special characters in passwords anything under 10 characters is easily breakable. Password hackers have built a huge file on how people actually create passwords which gives them a logic to de-encrypt with as well.

Something like 5 letter passwords can be broken in 8 hours. 14 letters still takes months. Passwords you can remember easily are a thing of the past. Either you get a synchronization program that monitors them all and randomly changes them, or you go for something long and complex.

With Yahoo, I've had my password hacked twice in the last year. I ended up moving to gmail, which I don't like as much. I kept the yahoo account but deleted all the address book entries (since most hackers are looking for a way to amass email addresses for spam) and just use it to forward incoming to my new address.