It's that time again! Time for me to give you a few tips on keeping your internet life safe, and hack-free.
- Don't use the same password on all the sites that you use! If you use windows, KeePass is a good application for keeping all of your passwords in one place (and locked with a master password!) so that you don't forget them. If you are using a mac, you can use the Keychain which comes with your mac (it's in applications/utilities) or 1Password is what I personally use ;).
- Make sure that your e-mail password is different than any password you use on a site! If someone gets into your e-mail, they can use the 'lost password' functions on sites to get into any site that you play.
- It's a good idea to change your password monthly (or more often than that!).
I know that it's a hassle changing passwords and trying to remember them, which is why I linked to software that can help with that (or you can use the Keychain that comes with your mac!). Really, it's worth it to not log into your favorite sites one day to see that everything has been taken.
Posted by 
Keith
OblivionMasquerade
And apparently "widget" means "that obvious stuff I've been looking for for 10 minutes". I think you need to work on your layman's vocab and actually explaining where things went. :/
0
Koki
Or to log into WoW and see all your things are gone and your char is naked right Keith? lol
Have a friend who's been hacked twice this month. He should have listened to me and got an authenticator...
Have a friend who's been hacked twice this month. He should have listened to me and got an authenticator...
0
User not found:
Thanks for the post, great info there. <img src="http://images.subeta.net/smilies/6398_emoticon_smile.gif" border="0" />
However I don't see any info for Linux users.
However I don't see any info for Linux users.
0
User not found:
There's also a Mac port of KeePass called KeePass X.
(I use KeePass at work, and needed to be able to use it on both platforms.)
(I use KeePass at work, and needed to be able to use it on both platforms.)
0
Aurora
Thanks for the reminder, Keith. =) As I've said to others, I'd trust you with my computer any day~
...And much love to whoever drew the police Kumos. o.o
...And much love to whoever drew the police Kumos. o.o
0
Rekenber
Eeep. There's two passwords that I always use, I have a terrible memory. xD
I personally use KeyScrambler, although it only protects against keyloggers. FireFox has a save password function, although I don't think it's a good idea to use, even though I use it. xD
I'll try to change my password ASAP.
I personally use KeyScrambler, although it only protects against keyloggers. FireFox has a save password function, although I don't think it's a good idea to use, even though I use it. xD
I'll try to change my password ASAP.
0
Montre
Thank you Mr. Keith! :3
And Mr. Kumos thing!
And I do agree, unlike neopets and other petsites, the people working here actually seem to CARE about preserving our security, and actually take the time to remind us of things such as this.
And Mr. Kumos thing!
And I do agree, unlike neopets and other petsites, the people working here actually seem to CARE about preserving our security, and actually take the time to remind us of things such as this.
0
Nuke
I love how the ones NOT screaming about a conspiracy are the ones being treated like completely unreasonable idiots, LOL.
0
Oasis
@PaintedSavages No one sold our info, okay? No one did that in 07 either! Its just some shitty rumor mills spewing out shit for the fun of it. Some of it came from some of the people at Virtual Pet List back in 07. Some of the rest came from the channers.
0
Koharu
Thanks for the tips Keith!<img src="http://images.subeta.net/smilies/6398_emoticon_happy.gif" border="0" />
0
Jules
Oh, KeePass looks interesting, is it really good? I've been using PasswordsMax, but it's not free. I've been happy with it. Wondering if I should try KeePass. I don't change my passwords enough. I should really work on that! Comment me if you have any input on the software I use or want to try, thanks :-)
0
nada
Change password every month? I don't even have to do that AT WORK.
Even so, I have a different password for every site (excluding the ones I don't care much about... like facebook) and an entirely different one for e-mail. I shall continue feeling safe, until someone hacks me, I guess...
Even so, I have a different password for every site (excluding the ones I don't care much about... like facebook) and an entirely different one for e-mail. I shall continue feeling safe, until someone hacks me, I guess...
0
InSaNe
I love KeePass by the way. Makes things so much easier. Hack KeePass, and you hacked the whole internet package of someone! How cool!
0
Oasis
Thanks for letting us know Keith. I've got to change that pass now. I've had it since, I guess late 07? Well it needs to be updated anyways.
0
Diana_Marie
Thanks for the reminder.
It's good practice to change your password.
I get busy with life and forget.
It's good practice to change your password.
I get busy with life and forget.
0
User not found:
i love you thanks for keeping care of use
0
Paddy
<b>Quote:</b><blockquote style="padding:5px; line-height:15px; background-color: #FAFFFF; border: 1px solid #000000; font-family: georgia; font-size: 10;">
The hashes being posted are from JUNE, when the exploit happened. We've asked people to change their passwords multiple times since then.
</blockquote>
Thanks for the clarification, Keith <img src="http://images.subeta.net/smilies/6398_emoticon_smile.gif" border="0" /> (and the reminder - it's always useful to have a nudge in the direction of "change your password" every now and then <img src="http://images.subeta.net/smilies/6398_emoticon_smile.gif" border="0" /> )
The hashes being posted are from JUNE, when the exploit happened. We've asked people to change their passwords multiple times since then.
</blockquote>
Thanks for the clarification, Keith <img src="http://images.subeta.net/smilies/6398_emoticon_smile.gif" border="0" /> (and the reminder - it's always useful to have a nudge in the direction of "change your password" every now and then <img src="http://images.subeta.net/smilies/6398_emoticon_smile.gif" border="0" /> )
0
Dreamer4Darkness
You know, this news update made me realize that it's probably not a good idea that I use the same info for everything.. I think I'll change it now, thanks Keith <img src="http://images.subeta.net/smilies/6398_emoticon_smile.gif" border="0" />
0
Kali_818
People are you serious?`What is so difficult finding the link to change your Password? o.o Click PREF on top and then Password. Nothing easier then that...
0
styn
never mind me, read the rest of the page.
question though, does changing your password really help? obv. it helps to make it hard to guess, but if its something like 349834qfh73 i won't be guessed. changing hasnt got a point because of someone pulls a prank like that mysql injection they get it all anyway!
question though, does changing your password really help? obv. it helps to make it hard to guess, but if its something like 349834qfh73 i won't be guessed. changing hasnt got a point because of someone pulls a prank like that mysql injection they get it all anyway!
0
styn
so did someone get a hold of the passwords again, or is this really a friendly reminder?<img src="http://images.subeta.net/smilies/6398_emoticon_raspberry.gif" border="0" />
0
hollo
@TheTrueToadSage: Hover over Prefs, go to Customize Sidebar, and there'll be an option Password that you can click on to change it. :3
0
Nuke
I have no idea what's going on, I obviously missed something, but the people screaming CONSPIRACY have me just laughing my ass off. Really guys? If you're all such paranoid fucks then get out, we don't want you here. And I'm sure Keith and the staff don't appreciate the distrust. I personally trust Keith BECAUSE he does things like this. If he wanted to screw us all over, he would've done it a long time ago. And like many of you have said, it's a petsite, so what would be the point?
You kids nowadays and your constant conspiracy theory bullshit. It gets OLD. Sigh.
You kids nowadays and your constant conspiracy theory bullshit. It gets OLD. Sigh.
0
Keith
Also, I'll say it again for 'what happened', it's the same thing that we've made <strong>multiple posts</strong> on. The user information that's being posted today is the same user information that was posted <strong>months ago</strong> that was got during a MySQL Injection attack which happened almost a year ago. At that time (and multiple times since then) we've made news posts asking users to change their passwords and keep up with good security practices.
0
ricecake
I don't trust KeePass, but thank you for the update. I have no clue what happened, and it's probably best that I not know what's been done. However, curiosity does get the better of me. <img src="http://images.subeta.net/smilies/6398_emoticon_raspberry.gif" border="0" />
0
Keith
Lyliko, if you honestly have a method of logic that allows you to think that I could <strong>sell user accounts</strong> (or personal information which is illegal, btw) to <strong>fund a layout</strong>, then I suggest you hit the log out button.
The cash shop is our primary (only) source of income and it provides more than enough to fund projects like the layout switch. Not only that, but we have income from our other sites (Valenth and Squiby). I think that the IRS would have trouble looking at our source of income sheets and seeing $5 made from selling user personal information.
The cash shop is our primary (only) source of income and it provides more than enough to fund projects like the layout switch. Not only that, but we have income from our other sites (Valenth and Squiby). I think that the IRS would have trouble looking at our source of income sheets and seeing $5 made from selling user personal information.
0
Mod
<b>Quote By :</b><blockquote style="padding:5px; line-height:15px; background-color: #FAFFFF; border: 1px solid #000000; font-family: georgia; font-size: 10;">what do you think he's using the money for anyways? bikini waxes?</blockquote>
I lol'd
IcabodCrane- How exactly is Keith insinuating this is your fault? I certainly don't see anything resembling that.
As always, thanks for the reminder Keith. And people? Calm down.
I lol'd
IcabodCrane- How exactly is Keith insinuating this is your fault? I certainly don't see anything resembling that.
As always, thanks for the reminder Keith. And people? Calm down.
0
ney
@IcabodCrane
LOL how is he saying this is your fault?
and if you know who's doing this, srsly come forward and just fucking say it. if you file a ticket or something i seriously doubt that person will know. what is this, the first grade? this isn't some bully cheating off your math homework, this is serious biz and not telling someone you know valuable info is stupid.
did this person tell you they were the hacker? o__O
LOL how is he saying this is your fault?
and if you know who's doing this, srsly come forward and just fucking say it. if you file a ticket or something i seriously doubt that person will know. what is this, the first grade? this isn't some bully cheating off your math homework, this is serious biz and not telling someone you know valuable info is stupid.
did this person tell you they were the hacker? o__O
0
Lyanna_421
Being overly concerned about your accounts doesn't seem so bad to me. It makes people open up their eyes and realize something could potentially occur, so preventing it isn't bad idea. However, I will admit I'm a little concerned that this is happening again. I would like for once that the users be told the truth about how secure our account really are, and if not, why nothing's been done to change it. I'm getting scared, not only because I donate quite often, but because this happens pretty often. :S
0
hollo
@Lyliko: Illegal? How? Was it on the black market? Was the Russian Mob involved? Were there meetings in abandoned warehouses? This is the first time I've heard this, and nothing you've mentioned makes it sound illegal.
And Ichabod, omg. "I know who's doing this but I can't say because they'll hack me oh noes!" Didn't you just say your computer is pretty well protected? Going back on what you said now?
And Ichabod, omg. "I know who's doing this but I can't say because they'll hack me oh noes!" Didn't you just say your computer is pretty well protected? Going back on what you said now?
0
mini
Why don't we all just play on sites that we don't trust. Boohoo. <img src="http://images.subeta.net/smilies/6398_emoticon_sad.gif" border="0" />
0
Mackenzi
I don't see why anyone is taking those boards worth a grain of salt.
How can you beleive a person who is supposedly trying to protect your passwords and accounts if they stole or hacked somebody else's account to say so?
How can you beleive a person who is supposedly trying to protect your passwords and accounts if they stole or hacked somebody else's account to say so?
0
ney
OBVIOUSLY THIS IS ALL A CONSPIRACY BY THE GOVERNMENT TO TRY AND COVER UP AN ALIEN INVASION!! THE MOON LANDING WAS STAGED!!
0
Lyliko
On Gaia and Neopets it is illegal for users to sell the items for real money. Same goes for this site.
0
IcabodCrane
@ney technically if he had the money before he told them to change it it'd be like being paid to hack a bank and then the bank changing their pin while the seller walks away with the money. I don't know what's going on here but I'm pretty fucking mad that Keith's insinuating this is my fault. I know who did it, but they threatened to hack me if I said a word... my computer's worth more than a petsite, so excuse me for not saying something.
0
Nyaochan
God damn...if some of you people have so little faith in the site and it's owner and staff, why are you still here? Just so you can try to lend some kind of credence to these little ploys when they happen and try to panic the rest of the users while they're trying to get the situation under control?
Oh god, the posts disappeared! That couldn't possibly be because they contained sensitive information...oh no. It must be because Keith is trying to cover something up, right?
Oh god, the posts disappeared! That couldn't possibly be because they contained sensitive information...oh no. It must be because Keith is trying to cover something up, right?
0
ney
guys what would keith possibly gain out of selling our information and THEN telling us to change our passwords? that's like someone hacking your bank account and telling you to change your pin so that they can't hack your bank account.
if keith seriously wanted to (and i seriously doubt he would ever do this) sell our information why would he try and help us afterwards?? why wouldn't he just tell us to "fuck off"? what do you think he's using the money for anyways? bikini waxes?
srsly guys srsly.
if keith seriously wanted to (and i seriously doubt he would ever do this) sell our information why would he try and help us afterwards?? why wouldn't he just tell us to "fuck off"? what do you think he's using the money for anyways? bikini waxes?
srsly guys srsly.
0
Libertine
Lyliko, you aren't really helping. People will get more worried and the hackers more eager to keep doing what they are doing. Hackers like attention, that's why they show off like that. Of course they should delete everything related to it, if everybody starts to panic everything sure will get better, right?
And really, where people spend their money doesn't really concern anybody else, does it? How does buying stuff on other sites makes it illegal? Sorry if I'm missing something here :/
And really, where people spend their money doesn't really concern anybody else, does it? How does buying stuff on other sites makes it illegal? Sorry if I'm missing something here :/
0
IcabodCrane
Because my computer's pretty well protected, I don't have to worry about my personal stuff... and if someone hacks my subeta account then it's just a game that got fried.
0
carson
<b>Quote:</b><blockquote style="padding:5px; line-height:15px; background-color: #FAFFFF; border: 1px solid #000000; font-family: georgia; font-size: 10;">I know I've heard about Keith buying like 300 USD worth of items on Gaia on some site that also sells Neopet items.</blockquote>
... what does that have to do with this, exactly? :T
... what does that have to do with this, exactly? :T
0
Lyliko
Why would someone go to the trouble of hacking all these accounts and wasting their day to spread this?
When they could probably get away with hacking if they were more discrete?
When they could probably get away with hacking if they were more discrete?
0
Lyliko
What purpose do the hackers have by accessing and posting all these threads? Where there's smoke there's usually fire.
May not have sold ALL of the accounts but maybe a few for funds for the layout.
I know I've heard about Keith buying like 300 USD worth of items on Gaia on some site that also sells Neopet items.
May not have sold ALL of the accounts but maybe a few for funds for the layout.
I know I've heard about Keith buying like 300 USD worth of items on Gaia on some site that also sells Neopet items.
0
IcabodCrane
Duck, that still doesn't make me feel any better, especially with the other occurances I've stated.
0
odduckOasis
One reason why that post was deleted, as I read over it, is in the 'need more proof' part where it added in some codes, it revealed pws for 3 current users!!
There are such things as hackers, but there is nothing to be gained by selling pws to third parties, unless said third parties are hackers, but what would be gained in doing that for anyone? Every site out there that has members tells their customers to change their pws on a regular basis, avoid phishing scams and don't give your pw out to anyone at all ever. I have worked for places where the pws are coded and only ceratin people can obtain them, or send them to the 'customer' with the computer system, but they can't actually see them. Hackers can go into the code, if they know how, to find the pws, but it's very difficult and nothing can be gained by doing so for a site like this. All that happens is havoc, but no monitary gain comes from doing so.
If the owner of the site asks you to change your pw on a regular basis, he is telling you to keep yourself safe, just as any online site would, including, eBay, Verizon, any and ALL creditcard companies and banks. If you feel your pw is compromised, change it immediatly. Keith cannot 'fund' this site by selling our pws, to whom would he sell them to? And if he sold them to hackers, what would they be able to get from it? Fake money and gif pets and clothes? Please,people you need to stop thinking there's some big conspiracy going on here. I"ve been here for several years and have never had my account compromised- because I don't give out my pw and I change it often.
So calm down.
Thanks for the update.
There are such things as hackers, but there is nothing to be gained by selling pws to third parties, unless said third parties are hackers, but what would be gained in doing that for anyone? Every site out there that has members tells their customers to change their pws on a regular basis, avoid phishing scams and don't give your pw out to anyone at all ever. I have worked for places where the pws are coded and only ceratin people can obtain them, or send them to the 'customer' with the computer system, but they can't actually see them. Hackers can go into the code, if they know how, to find the pws, but it's very difficult and nothing can be gained by doing so for a site like this. All that happens is havoc, but no monitary gain comes from doing so.
If the owner of the site asks you to change your pw on a regular basis, he is telling you to keep yourself safe, just as any online site would, including, eBay, Verizon, any and ALL creditcard companies and banks. If you feel your pw is compromised, change it immediatly. Keith cannot 'fund' this site by selling our pws, to whom would he sell them to? And if he sold them to hackers, what would they be able to get from it? Fake money and gif pets and clothes? Please,people you need to stop thinking there's some big conspiracy going on here. I"ve been here for several years and have never had my account compromised- because I don't give out my pw and I change it often.
So calm down.
Thanks for the update.
0
IcabodCrane
Well I'm with Lyl... my trust has been pretty compromised. I mean Aaron said Godlies would NEVER end up in the frag shop again, and then the DAY after I get my SSB it's in there for 10k crystals. Ontop of that... then there's a ton of hacks going about the site which has happened over and over again.
0
Keith
I don't ask that you trust <strong>me</strong>, but we're a <strong>team</strong> and we all work on the security of the accounts. I'm not bothered if you think I'm a money hungry whore who would sell out all the users in the drop of a hat, but I can guarantee you that the rest of the team would be objective to that <img src="http://images.subeta.net/smilies/6398_emoticon_wink.gif" border="0" />.
0
Keith
Not to mention, they were posting <strong>false information</strong>, that not only undermines the security efforts that we have made (including having a firm look over our MySQL code to make sure that we are protected from injections) but it makes people question the safety of their accounts.
We are <strong>not</strong> selling user account information (if I was that hungry for money, I'd be putting ads all over the site <img src="http://images.subeta.net/smilies/6398_emoticon_wink.gif" border="0" />)
We are <strong>not</strong> selling user account information (if I was that hungry for money, I'd be putting ads all over the site <img src="http://images.subeta.net/smilies/6398_emoticon_wink.gif" border="0" />)
0
Keith
Why... would we leave <strong>40</strong> threads that the person made <strong>on a hacked account</strong>. Why would we leave that, and not delete them (or, in reality, we moved them to the UA forums). It doesn't make any sense.
0
FexHex
wait a minute--if we have PINS protecting all our areas: bank, vault, shop till, etc. what could anyone do if they did get our passwords? i thought that's what the PINS were all about.
so are we supposed to change our PINS as well as our passwords now?
*ish SO confussed*
so are we supposed to change our PINS as well as our passwords now?
*ish SO confussed*
0
Keith
@IcabodCrane No -- We're just posting this so that users are smart enough (this time) to change their password.
The hashes being posted are from JUNE, when the exploit happened. We've asked people to change their passwords multiple times since then.
The hashes being posted are from JUNE, when the exploit happened. We've asked people to change their passwords multiple times since then.
0
User not found:
oh, mayor dramz!!
sometimes it really seems as if the users were against keith (and staff) <img src="http://images.subeta.net/smilies/6398_emoticon_wink.gif" border="0" />
sometimes it really seems as if the users were against keith (and staff) <img src="http://images.subeta.net/smilies/6398_emoticon_wink.gif" border="0" />
0
IcabodCrane
I'm still starting to wonder if the selling to third party access is true... it seems like if there was an SQL inject that allowed this, that they'd put it up right away, not wait until accounts start getting nuked.
0
Psychedelia
FexHex if you don't know, you have 32bit <img src="http://images.subeta.net/smilies/6398_emoticon_smile.gif" border="0" />
0
Lyliko
Someone posted a thread saying Keith sold user accounts and passwords to someone and he said it was for funds towards a new site layout. Then the thread suddenly vanishes like it never existed and then the news announcement. :I
This is fishy as fuck.
This is fishy as fuck.
0
User not found:
I always get hacked occasionaly by a certain person bt now NO MORE!!! thanksXS TO SUBETA ^^
0
calie
Ack! Do you have any idea how many usernames and passwords I have to remember every day? No complaining anybody! I love how Subeta reminds us every now and then, because I'm always forgetting about security on my game sites.
0
FexHex
keith--can you please put a link in your post to where we change our passwords?
some of us can`t find it in the new format. it's not under preferences anymore.
some of us can`t find it in the new format. it's not under preferences anymore.
0
Libertine
Weird posts here, what's happening? I'll change again just to be safe.
Actually, can we really be safe? Seeing all that information popping here is really really weird and scary.
Actually, can we really be safe? Seeing all that information popping here is really really weird and scary.
0
User not found:
FexHex, its a cookie grabber.
Youre an idiot for clicking it.
KELLLLLLLLY CLARKSOOOOOOON!
Youre an idiot for clicking it.
KELLLLLLLLY CLARKSOOOOOOON!
0
FexHex
ok, i know i'm pretty pc-illiterate, but i can usually download a program with no problem. but when i went to download this one, it asks me which windows platform i have: 32-bit or 64-bit. huh???
if this is required information to download, can't they at least tell me where to find it?? anyone?
if this is required information to download, can't they at least tell me where to find it?? anyone?
0
User not found:
Mogel, Cyde, Jakey, Longcat?
WHAT A WALK DOWN MEMORY LANE
WHAT A WALK DOWN MEMORY LANE
0
Orange
I changed my password and then I couldn't log in for over a half hour.
The forget password wasn't working at first, but now it is.
Finally got back into my account.
The forget password wasn't working at first, but now it is.
Finally got back into my account.
0
User not found:
@Zoshi_the_Confused
Oh, I see.
I should have figured as much.
I have a short memory apparently.
x.x
Oh, I see.
I should have figured as much.
I have a short memory apparently.
x.x
0
Sensuous
OH how fun.
I use diff passwords so safe. <img src="http://images.subeta.net/smilies/6398_emoticon_wink.gif" border="0" />
just to be sure...
/changes
I use diff passwords so safe. <img src="http://images.subeta.net/smilies/6398_emoticon_wink.gif" border="0" />
just to be sure...
/changes
0
Psychedelia
Private email server ftw <img src="http://images.subeta.net/smilies/6398_emoticon_smile.gif" border="0" />
0
User not found:
"Really, it's worth it to not log into your favorite sites one day to see that everything has been taken. "
Yeah, considering Ive done that to 30+ so far <img src="http://images.subeta.net/smilies/6398_emoticon_sad.gif" border="0" />
Yeah, considering Ive done that to 30+ so far <img src="http://images.subeta.net/smilies/6398_emoticon_sad.gif" border="0" />
0
IcabodCrane
I keep wondering why after every one of these little problems, somehow a few days or weeks later a meticulous list of passes ends up on a site and it ends up ultimately in this happening. I browse the little pet-site forums and it always sends to pop back up. Is the security really that bad?
0
Lamb_774
ALSO, the version of Norton I got with my computer, had a internet toolbar that keeps the passwords saved with a master PW too.
0
User not found:
How does this relate to those weird boards popping up everywhere (if at all)?
I think I noticed those on the tail end, so please don't shoot me if I'm treading into deep water here.
I think I noticed those on the tail end, so please don't shoot me if I'm treading into deep water here.
0
MidiMaddie
I must research this Keychain thing. I just got my mac not too long ago and am still mac-tarded <img src="http://images.subeta.net/smilies/6398_emoticon_sad.gif" border="0" />
0
User not found:
I'm VERY happy that you care for us. I love BEING CARED FORRR. <img src="http://images.subeta.net/smilies/6398_emoticon_grin.gif" border="0" />
0
Libertine
I'm still a little lost with the new layout, can't find where I change my password lol. When I find, I'll change it <img src="http://images.subeta.net/smilies/6398_emoticon_raspberry.gif" border="0" />
Thanks for the tips!
Thanks for the tips!
0
Lycanthrope
Thanks! <img src="http://images.subeta.net/smilies/6398_emoticon_happy.gif" border="0" />
0
Monsoon
Oh neat ideas for password storage! I use my trusty notebook here at my computer desk, though. <img src="http://images.subeta.net/smilies/6398_emoticon_wink.gif" border="0" /> And yep - time to change info again... *runs off to do so* <img src="http://images.subeta.net/smilies/6398_emoticon_smile.gif" border="0" />
0
Peach
OT: Ohh, the dashboard thing alerts us to News! Cool <img src="http://images.subeta.net/smilies/6398_emoticon_smile.gif" border="0" />
0
User not found:
thanks~ must save this and use it~
0
User not found:
HA SECOND PLACE..
I am glad Keith takes care to keep us safe... -hugs-
I am glad Keith takes care to keep us safe... -hugs-
0