Advertisement
If you have a new account but are having problems posting or verifying your account, please email us on hello@boards.ie for help. Thanks :)
Hello all! Please ensure that you are posting a new thread or question in the appropriate forum. The Feedback forum is overwhelmed with questions that are having to be moved elsewhere. If you need help to verify your account contact hello@boards.ie
Hi there,
There is an issue with role permissions that is being worked on at the moment.
If you are having trouble with access or permissions on regional forums please post here to get access: https://www.boards.ie/discussion/2058365403/you-do-not-have-permission-for-that#latest

Gmail account hacked, how can i protect it from happening again?

  • 13-11-2010 5:14pm
    #1
    Registered Users, Registered Users 2 Posts: 1,378 ✭✭✭


    First time my email has ever been hacked, it was accessed from China at 2.30am, and seemed to send spam to all my contacts list, and turned on my out of office reply to bounce spam back at anyone who sent me a mail.

    My contacts seem to have been deleted also, assholes!:mad:

    Ive changed my password, is there anything else i should or can do?


Comments

  • Closed Accounts Posts: 10,808 ✭✭✭✭chin_grin


    Report it to Google themselves? Other than changing your password there's not a lot else!

    Also try to ensure that it's not a word in the english language, contains numbers AND upper and lower case letters. Also special characters might help. It'd be a feck of a password to remember but it'll keep your account hack free (hopefully!).


  • Registered Users, Registered Users 2 Posts: 1,378 ✭✭✭Cherrycola


    Ive changed my password and password recovery question, and recovery email account, so i guess thats all i can really.

    Im wondering though why my Google calendar page is showing the Https in the address bar as red, with a line through it, like its not a secure page. :confused:
    My main gmail page is fine, green padlock, but when i go to Calendar its coming up with a red padlock. Im using Chrome, can anyone shed some light on that?


  • Closed Accounts Posts: 884 ✭✭✭spider guardian


    Make sure you provide non-obvious answers to secret questions. I highly recommend using passwords generated from this page:

    https://www.grc.com/passwords.htm

    It's possible a keylogger was used to obtain access to your account. Make sure you have anti-spyware software installed.

    Must say it seems strange that there is a red padlock showing for your calendar, can't think why to be honest, could be a problem with Google's own SSL cert?


  • Registered Users, Registered Users 2 Posts: 3,357 ✭✭✭snappieT


    Nobody has mentioned, but allowing sites like Facebook to access your Gmail to send mails to your contacts poses a risk, as you're giving Facebook your password. While Facebook is probably safe, there are many sites that engage in this practice who may not be.


  • Registered Users, Registered Users 2 Posts: 953 ✭✭✭hearny


    The best way of making sure the password is hard to crack using brute force is as mentioned to include Uppercase, Lowercase, Numbers and Symbols with a minimum character length of 8. e.g. s9umaP$8 or 72se$?Ag
    Go to http://www.pctools.com/guides/password/ to generate your own, after using the password for a while you will get the hang of it.


  • Advertisement
  • Registered Users, Registered Users 2 Posts: 3,537 ✭✭✭SickBoy


    Also worth noting is the account details at the bottom of the gmail page. If you click on details it will display a list of activity and show you if you're logged in from some other PC. You have an option to "Sign out all other sessions". Changing your password doesn't sign out other sessions as far as I know.


  • Registered Users, Registered Users 2 Posts: 1,378 ✭✭✭Cherrycola


    SickBoy wrote: »
    Also worth noting is the account details at the bottom of the gmail page. If you click on details it will display a list of activity and show you if you're logged in from some other PC. You have an option to "Sign out all other sessions". Changing your password doesn't sign out other sessions as far as I know.

    Yeah ive done that already. ;)


  • Closed Accounts Posts: 157 ✭✭nudist


    I use a firefox addon called lastpass-as long as the master password you set it up with is good then you should be secure. Generate your new gmail password and log on using the screen keyboard.

    Oh and if you can do use a linux distro of some sort and therefore bypass tons of malware. I cant remember the last time i ran a antivirus scan :pac:


  • Closed Accounts Posts: 13,874 ✭✭✭✭PogMoThoin


    The easiest way for a spammer to gain access to Your email is setup a site that requires login and ask for email and a password when You register. If You use the same password they have access to Your emails.

    I've one password I use for my email, lastpass and one or two other sites I access regularly, all others passwords are completely random and saved in lastpass
    http://lastpass.com/


  • Registered Users, Registered Users 2 Posts: 1,378 ✭✭✭Cherrycola


    PogMoThoin wrote: »
    The easiest way for a spammer to gain access to Your email is setup a site that requires login and ask for email and a password when You register. If You use the same password they have access to Your emails.

    I've one password I use for my email, lastpass and one or two other sites I access regularly, all others passwords are completely random and saved in lastpass
    http://lastpass.com/


    I think this is exactly what happened, cos ive definitely used my email and same password to register for other sites, i tend to use the one password so its easy to remember,:o Not anymore!
    They would be pretty secure sites or so i thought, the likes of say Topshop/Warehouse/Amazon. :confused:


  • Advertisement
  • Registered Users, Registered Users 2 Posts: 1,378 ✭✭✭Cherrycola


    Ok, so ive installed Lastpass, can you give me a quick rundown on what exactly it does?
    It seemed to import some of my sites and passwords when i installed, but not everything was there, Facebook was missing and Paypal.
    ive used the same password for Lastpass, and for my gmail now, but what should i do for all other logins, say lke Amazon? Create a random password, letters/numbers, and let Lastpass save so it dont have to remember it? Is that the idea?
    Lastpass doesnt actually create the new random password no? :confused:

    The last thing i want to do is change my password to a jumble of letters and numbers and then not be able to log back in! :eek::D

    Obviously sites like amazon are ones i worry about as i have payment information saved in there. Same goes for Paypal!


  • Registered Users, Registered Users 2 Posts: 1,378 ✭✭✭Cherrycola


    Ahaaaaaa, i see now. ;)

    Went to change my paypal password and Lastpass offered to generate a new random one, and then saved it.

    Pretty cool! :cool:

    Why have i not heard of this before now??!! Everyone should use this.

    Thanks a mill guys. :)


  • Closed Accounts Posts: 29 NoRegrets


    One of the easiest ways to make your account more secure is to make sure you always have the use https setting ticked, to do so just log into your account click settings - browser connection - always use https.


  • Closed Accounts Posts: 13,687 ✭✭✭✭jack presley


    Cherrycola wrote: »
    Ahaaaaaa, i see now. ;)

    Went to change my paypal password and Lastpass offered to generate a new random one, and then saved it.

    Pretty cool! :cool:

    Why have i not heard of this before now??!! Everyone should use this.

    Thanks a mill guys. :)

    Can you set it up to work on more than 1 PC. I sometimes book flights, buy tickets etc. at work and the demo states that it stores the password locally on your PC so if I use a different computer to the one where I set up the password, how will that work?


  • Registered Users, Registered Users 2 Posts: 1,378 ✭✭✭Cherrycola


    No idea to be honest, but good point! How would i access my facebook from another pc or iphone if i have a random password. hmmm, anyone know?


  • Closed Accounts Posts: 13,874 ✭✭✭✭PogMoThoin


    Can you set it up to work on more than 1 PC. I sometimes book flights, buy tickets etc. at work and the demo states that it stores the password locally on your PC so if I use a different computer to the one where I set up the password, how will that work?

    Yes You can, on any OS, Windows, linux, mac, with any browser Internet explorer, firefox, chrome, safari and even on android phones or iphones. They also do a usb utility that You can also carry an encrypted copy of all Your passwords with You on a usb key. It really is an amazing piece of kit, passwords are saved online encrypted on their server.


  • Registered Users, Registered Users 2 Posts: 1,378 ✭✭✭Cherrycola


    So i can log into my Lastpass account from any PC and that will enable me to login to all my websites?


  • Banned (with Prison Access) Posts: 7,102 ✭✭✭Stinicker


    My hotmail got hacked two days ago and like the OP it was the first time anything like this ever happened to me. I am pretty mad over it and am busy trying to change dozens of passwords from two or three common ones one of which the feckers guessed.


  • Closed Accounts Posts: 13,874 ✭✭✭✭PogMoThoin


    Cherrycola wrote: »
    So i can log into my Lastpass account from any PC and that will enable me to login to all my websites?

    No, only on pc's that You can install the software on. But what You can do is either carry Your passwords encrypted on a usb key or visit the lastpass website and login to see them online. You shouldn't be logging in to sites on strange pc's internet cafe's, college etc, You never know how secure they are or if they have keyloggers etc. This is the weak point in this security, the end user is the weakest link.


  • Registered Users, Registered Users 2 Posts: 184 ✭✭Razzuh


    If you ever have no choice but to log in using a public PC, a handy trick to fool basic keyloggers is to use copy and paste: highlight a character that's in your password (the character might be in text on the login page or just copy it on another site) and then right click and paste it in the 'password' field of the login form. Then you can type the other characters. Not all keyloggers will be fooled by this but a lot will.


  • Advertisement
Advertisement