My TradingView Account Got Hacked!

[ph1l]

I didn't know generators could also spit out usernames and secret questions. Do you know of any good ones? Also another problem these days is that most sites require your email address as username.

I meant a password generator like
https://www.lastpass.com/features/password-generator#generatorTool
can create something one can use as a username or answer to a secret question.
That likely means you would have to securely store and backup them to be able to copy and paste for logins as needed (i.e., not integrated into a web browser).

Some email services, like the free yahoo mail I've been using for 20+ years, let you create more than one email. Yahoo mail has what they call temporary email addresses where I set a single prefix such as MTLr0YSa and I can create up to 500 email addresses that have the prefix, hyphen, and a suffix such as DkPtkNg. Then email to MTLr0YSa-DkPtkNg@yahoo.com goes to my one account. They are called temporary but last until you delete them. The ~125 of them I currently have make it harder for someone to hack or maliciously get my account suspended because they would be hard to find.

 

[countryBoy641]

The thing is that I received this weird ransom email not too long ago. The sender sent using my own email address and he threatened me that he knew my password and that unless I pay him money in bitcoin he would do blah, blah, blah. The password he mentioned was apparently one of the leaked passwords. Of course, it's not anything important, so I simply ignored it. But this tells me that Google ain't simply bullshitting when they say my passwords are compromised.

Mr. Schizo, you need to review what web sites you go to.
In some cases, you are trolling for nefarious persons (aka deadbeats), and you are finding them.

Quite a bit of expertise here on this topic.
I keep all my passwords on an external drive, usually disconnected.
Obviously I need to up my game.
My last day job (nearly 20 years ago) was at HSBC.COM.
All the UNIX engineers had "RSA tokens" hanging around their necks.
Eventually I had to have one as well.
Any suggestions on where to look
for encryption for "poor boy traders" on this MB ?
And I am less fearful of hackers,
than I am of picking loosing trades.
thanks

 

[Overnight]

Lately, I've been using Chrome to generate random passwords for me. For instance, here's one it just generated for me: t&bq34hVafTdHh5...

Using that format, that comes out to a total of 7,244,150,201,408,990,671,659,859,968 combinations.

That's 7.2 octillion possibilities. There is no brute-forcing a password like that, especially when the app/website/whatever will lock you out after 3-5 incorrect attempts. It is unpossible.

It's fine.

 

[schizo]

I meant a password generator like
https://www.lastpass.com/features/password-generator#generatorTool
can create something one can use as a username or answer to a secret question.
That likely means you would have to securely store and backup them to be able to copy and paste for logins as needed (i.e., not integrated into a web browser).

Some email services, like the free yahoo mail I've been using for 20+ years, let you create more than one email. Yahoo mail has what they call temporary email addresses where I set a single prefix such as MTLr0YSa and I can create up to 500 email addresses that have the prefix, hyphen, and a suffix such as DkPtkNg. Then email to MTLr0YSa-DkPtkNg@yahoo.com goes to my one account. They are called temporary but last until you delete them. The ~125 of them I currently have make it harder for someone to hack or maliciously get my account suspended because they would be hard to find.

Thx for the suggestion. But you might wanna update your security protocol if you're still using Lastpass. They got hacked in 2022. I heard Nordpass has yet to be breached. Anyway, Yahoo disposable mail sounds good. I'll look into it.

 

[schizo]

Mr. Schizo, you need to review what web sites you go to.
In some cases, you are trolling for nefarious persons (aka deadbeats), and you are finding them.

Quite a bit of expertise here on this topic.
I keep all my passwords on an external drive, usually disconnected.
Obviously I need to up my game.
My last day job (nearly 20 years ago) was at HSBC.COM.
All the UNIX engineers had "RSA tokens" hanging around their necks.
Eventually I had to have one as well.
Any suggestions on where to look
for encryption for "poor boy traders" on this MB ?
And I am less fearful of hackers,
than I am of picking loosing trades.
thanks

Mr. Hillbilly, I'm an old skool. I still like to leave my car unlocked at night. As for fearing losing trades, just remember this: What doesn't kill ya only makes you stronger. Ya gotta grow them manly balls.

 

[TrailerParkTed]

Mr. Hillbilly, I'm an old skool. I still like to leave my car unlocked at night. As for fearing losing trades, just remember this: What doesn't kill ya only makes you stronger. Ya gotta grow them manly balls.

Spoken like a true Futures scalper!

 

[vanzandt]

If the leaked passwords are hashed (and no legitimate busines should be storing plaintext passwords), making the password long and complicated makes it much harder to find the actual password.

That's where a password generator like the one I referred to before could be useful because password generators can easily create long, complex passwords.

How does this stuff happen? I tried logging into a Lexus forum with a question about a fuel-cap and the "check engine" light, that I never post on but joined a few years ago (my account was still active) as I had made several posts and they are pretty strict about spam, but I missed typing in the right password and after a few times... I was locked out for 24 hours.

 

[ph1l]

Thx for the suggestion. But you might wanna update your security protocol if you're still using Lastpass. They got hacked in 2022. I heard Nordpass has yet to be breached. Anyway, Yahoo disposable mail sounds good. I'll look into it.

View attachment 341386

As I mentioned earlier in this thread, I wrote my own password generator and have a way of managing passwords without permanently storing them anywhere.

I only mentioned LastPass because you wrote, "I've looked at the link you've provided above. That seems to be above my pay grade and, frankly, I ain't sure if I would be able to keep track of all the passwords that I generate. I'm sucha clumsy slob."

 

[ph1l]

How does this stuff happen? I tried logging into a Lexus forum with a question about a fuel-cap and the "check engine" light, that I never post on but joined a few years ago (my account was still active) as I had made several posts and they are pretty strict about spam, but I missed typing in the right password and after a few times... I was locked out for 24 hours.

I'm no expert, but I think it works something like:

1. A hacker steals hashed passwords from a vulnerable website.
2. From a list of potential passwords like password, 12345, trustno1, etc, the hacker hashes each of them with hashing methods commonly used by web sites.
3. If a match is found, the hacker knows the password without having to log in.

 

[TheDawn]

Mr. Hillbilly, I'm an old skool. I still like to leave my car unlocked at night. As for fearing losing trades, just remember this: What doesn't kill ya only makes you stronger. Ya gotta grow them manly balls.

Cars unlocked at night?? Why??!!