Saturday, October 13, 2012

Account Safety

Account Safety: It's Your Damn Job

There is no worse feeling then trying to log onto any video game only to find that your account has been hacked, hijacked, banned, or had its password changed by someone else. A lot of things may go flying through your head, and it's tempting to blame everyone else but yourself. The company doesn't have enough security! My account was brute forced! Well, chances are that your account was compromised because you did or didn't do.

It's so easy to overlook account security, and it's usually the last thing on your mind.  The sad thing is that it is so easy to keep all your information safe, including your gaming accounts, email, bank, and anything else that you might use the internet for.  There is no reason why your account for anything should be compromised, just follow this simple little guide.

Keep Your PC Safe

The first step in any plan to protecting yourself from getting hacked would be to make sure that your computer is safe from any viruses, key-loggers, and exploits.  Changing your password would do you no good if the other party can just see what your new password is going to be. This is one of the most common ways that accounts become compromised.  There are a verity of different ways a computer can become compromised:
  • Opening .exe email attachments (Obviously)
  • Using a old (non-updated) browser with security flaws (all it takes is an ad on a trusted site running an exploit kit)
  • Downloading untrusted apps, bots, cheats, key-gens etc that may or may not work but also contain viruses
So what does all this mean? Are you not suppose to use the Internet at all? Well, all you need to do is keep your browser up-to-date, it really doesn't matter which one you use.  I personally prefer FireFox, but as long as your still not using Internet Explorer 6 (and yes people still use it to view this very site), then you are ahead of the curve.  Here's a list of all the things you need:
  1. Up-to-date Browser: I personally like FireFox because it self updates, but I'm pretty sure all the rest do as-well.  Just be sure to let them update.
  2. Let Windows Update: Windows will automatically download and update security updates, just be sure to have auto-updates on.
  3. Keep Adobe, Flash, Etc. Updated: People occasionally find ways to exploit security holes in these programs, but as long as you let them update when they want to then you'll be a lot safer.
  4. Anti-Virus: Keep any anti-virus running on your computer like AVG.  Most have a passive scanner that will detect threats as soon as you come across one.
Basically, keep your stuff up-to-date and you won't be getting hacked.

Account Safety: Passwords

Here's where things get a little bit tricky. As annoying as it is you really need to use more then one password.  Let me explain why, if you use one password for everything then it is so easy for someone to basically steal your online identity.  As soon as one log in gets compromised (that contains your email information) then they will have access to your email.  Once they are inside your email, all they have to do is do a bit of reading to see what else they have, including banking information, pay-pal, etc.  Worst of all, if they change your email password then account recovery becomes much harder if you are unable to recover your email account.

This is probably one of the most common ways that hackers can get access to accounts in bulk.  They find exploits, hack, or even bribe the operates of fan-sites/forums and even large guild/clan websites/forums for all the log in information that is stored on the site.  Once they get this information, they just run a script to see how many people use the same password for their emails, and now you have access to everything tied to that email account.

What you need to do to prevent getting completely screwed because one account got compromised:
  • E-mail: Separate password that is used for nothing else, I would even use two different emails.  One for high security stuff like banking information, gaming accounts, pay-pal, etc., and one for forums, subscriptions, etc.
  • Game Accounts: Separate password for gaming accounts.
  • Throw Away Password: There are things everyone signs up for they don't care about, just use a throw away password for these.
  • High Security: Just for Pay-Pal, Banking, Etc.

Fake Sites

These are sites that look identical to a real website, or even look like a real company offering you to see a video game for cheaper if you just type in your steam account and password to log in. These are really simple to avoid, just look at the actual web address above to make sure that its the real deal.  If you are say trying to log in on Facebook, and the web address says Ffacebook.com then its obviously fake.  If your shopping and see a site that offers you a huge discount on something then do a simple Google search to see if their legit.

It's not that hard to keep your accounts safe, just use some common sense and stop being lazy using one password for everything.