# Hacking Accounts and How to Prevent it



## duo2nd (Feb 26, 2009)

Over the last few days, I just got some reports on some accounts getting hacked by unknown people who really despise everything related to them. The bad thing is some of the victims were famous Furry Artist and Famous Artists who stayed in FA for at least more than 2 Years. This is a very serious problem to all users.

And we know that that admins were doing they're best to keep the site Hacker Free. But to make sure were not really hacked or at least bring hacked, we must do some countermeasures:


1. Make Sure We got an Anti-Virus and Anti-Spyware Software Running: Some hackers originated from viruses and spyware and we need to make sure everything's clean. So a Anti-Virus and Anti-Spyware software are required.

2. Change Your Passwords within 2 Months: Hacker's first priority on hacking your account is to change the password of the victim account so the real user can't access it. So it's better to change Passwords within 2 months.

3. BE ALERT and Call for Admins: If you see anything wrong with your account like a strange pic that was not friendly or your submissions were deleted, it means that the Hacker was in your account. It's better to be alert and contact the admins for help and assistance.


Well with these, I think were gonna be saved. But if there's other tips, then tell me. :3


----------



## WarMocK (Feb 26, 2009)

duo2nd said:


> 1. Make Sure We got an Anti-Virus and Anti-Spyware Software Running: Some hackers originated from viruses and spyware and we need to make sure everything's clean. So a Anti-Virus and Anti-Spyware software are required.


Frequent system updates and patches aren't a bad idea either. 



duo2nd said:


> 2. Change Your Passwords within 2 Months: Hacker's first priority on hacking your account is to change the password of the victim account so the real user can't access it. So it's better to change Passwords within 2 months.


2 months? Ouch!
If you use a SAFE password (at least 12 chars, capital and small letters, numbers etc) you can easily make that a year.



duo2nd said:


> 3. BE ALERT and Call for Admins: If you see anything wrong with your account like a strange pic that was not friendly or your submissions were deleted, it means that the Hacker was in your account. It's better to be alert and contact the admins for help and assistance.


QFT. ^^

4. Do NOT use the same PW for several accounts, that makes it much easier for the bad guys. 1 Account, 1 PW.


----------



## Eevee (Feb 26, 2009)

duo2nd said:


> 2. Change Your Passwords within 2 Months: Hacker's first priority on hacking your account is to change the password of the victim account so the real user can't access it. So it's better to change Passwords within 2 months.


what

if someone _already_ changed your password, how could you even get in your account to change it yourself


----------



## LizardKing (Feb 26, 2009)

5. Stop being such a douche that people would actually want to do this to you.


----------



## PriestRevan (Feb 26, 2009)

LizardKing said:


> 5. Stop being such a douche that people would actually want to do this to you.


 
Looks like I'll be fucked over soon enough.


----------



## Carenath (Feb 26, 2009)

LizardKing said:


> 5. Stop being such a douche that people would actually want to do this to you.


Isnt that easier said then done, I mean most of the people who want to see FurAffinity destroyed are the same people that took Herpy down a few months back, they hate furries, they hate the artwork this site is imfamous for, and they dont particularly care who they would target.

Just use a secure password, simple. It really is all you can do until Yak or whoever manages to shoehorn a strikes system into FurAffinity's login code to prevent or mitigate brute-forcing of accounts.


----------



## WarMocK (Feb 26, 2009)

Carenath said:


> Just use a secure password, simple. It really is all you can do until Yak or whoever manages to shoehorn a strikes system into FurAffinity's login code to prevent or mitigate brute-forcing of accounts.


The best way for preventing a brute-force attack from being successful is to make a validation check for the PW and ensure that it isn NOT used by anyone else on FA. But that wouldn't stop someone who hijacked someone's mail account and resetted the password. In this case the user is screwed.


----------

