markbyron
Club 4000 Member
Inactive Server Founder
Server Founder Inactive
Posts: 5,230
|
Post by markbyron on Sept 7, 2016 13:04:44 GMT
For prospective admin applicants and for existing admins to avoid a sudden removal when I or execs check your forum email account security: 1. Goto a site like haveibeenpwned.com and enter the email account you use for the forum. 2. If the result is not a green light but a red, "Oh no — pwned!", you must create a fresh new email alias account to use on the forum. It doesn't matter how long ago the breach was. 3. After you create the new email account, goto www.proboards.com/account/settings and change your email address to the new one. Doing the above simple steps will greatly reduce your chances of being breached and being removed from status but you still need to have excellent password security - use a site like www.passwordmeter.com |
|
markbyron
Club 4000 Member
Inactive Server Founder
Server Founder Inactive
Posts: 5,230
|
Post by markbyron on Sept 7, 2016 13:34:02 GMT
Even though a breach might have happened in the past, your email address is still out there and using a fresh email alias makes it much more difficult for a potential hacker to get a positive result; even if they successfully hack your old email account, they won't get access plus it better ensures your privacy and ensures that a successful hack on one account won't get access to every service you use. In any event, if your email account has shown a breach (current or past), you'll need to use a different one if you want admin status / clanforge - i've done the same for myself and will change as needed in the future; it's so easy to do. More reasoning: An email address that's breached will likely be subjected to further attacks in the future. While using different strong passwords for different accounts is a solution, if your email account is breached, it's a simple matter to reset the passwords to all the accounts that belong to that email address. Also, don't think a breach is simply a fault of yours - in addition to social engineering to gain access to your account using answers to 'secret' questions, there's incompetence of the service provider giving access to the hacker without due diligence - see this case of YouTuber H3h3 ohnotheydidnt.livejournal.com/102472732.htmlSo if you have different email addresses for your various services, the damage will be minimized if that account is compromised - they don't get all the keys to the kingdom. Using multiple email aliases that have never been breached will reduce your exposure. This aspect of using multiple e-mail addresses across different accounts is discussed on the Securosis Information Security & Research Analysis website here at securosis.com/blog/consumer-security-tip-use-multiple-email-accounts-to-reduce-fraud-and-spam |
|
