Accessories PSA: Please Turn on 2-Factor Verification to prevent hacks

[Senor_Barney]

Public Service Announcement
Just wanted to share an example of why its critical to turn on two-factor email verification to prevent unauthorized account access.

Woke up this morning to see THREE emails from Sniper's Hide for Login Verification.

These were fraudulent login attempts clearly made by someone trying to gain access to my account. Since they didn't have access to my email (I assume) they weren't able to get the verification code to login to Sniper's Hide.

Had I not had 2-Factor Verification enabled I am sure these mofo's would be trying like hell to scam each and every one of you.

I have since changed my password...

 

[Holliday]

I have it on. I think having it a rule for posting in for sale section would be helpful …..but probably impossible to police/enforcement.

 

[SniperBro]

Been saying this for months now. Wish it was mandatory.

 

[Waorani]

Do you have to enter code every time you log in? I generally look at new posts several times a day and that could get old fast. Although starting to get to point where probably worth the trouble.

 

[MOUNTIC]

Do you have to enter code every time you log in? I generally look at new posts several times a day and that could get old fast. Although starting to get to point where probably worth the trouble.

No. You can have your device trusted for 30 days. Any login from a different device will send a code.

 

[Waorani]

No. You can have your device trusted for 30 days. Any login from a different device will send a code.

Thanks, I'll give it a try.

 

[Ranchhand]

2 part verification has been working great for me. Very happy it's available, both in mils and moa

 

[Holliday]

Do you have to enter code every time you log in? I generally look at new posts several times a day and that could get old fast. Although starting to get to point where probably worth the trouble.

No, mine lasts for 30 days per device.

 

[tsu45]

Has anyone seen a site infiltrated with compromised passwords like this before? There have always been fake scammer accounts anywhere there was a scam to be made, but these guys are getting existing legit members account’s passwords. Seems like it’s been a rash of them and haven’t seen a theory on why it may be happening.

 

[Doctorhvac]

Thanks for posting this!

 

[Waorani]

Easy enough and able to have two devices "verified" for 30 days.

 

[jinxx4ever]

i've got my home computer, ipad, phone and work laptop all verified. Works great

 

[Marinevet1]

I guess since I'm not a supporter, no one gives a fuck about hacking my account ......

I guess someone could buy something using my account............how would that work out for them..........

 

[Senor_Barney]

I guess since I'm not a supporter, no one gives a fuck about hacking my account ......

I guess someone could buy something using my account............how would that work out for them..........

Someone with unauthorized access to your account wouldnt hurt you per se.

But they'd try and post a bunch of crap at too-good-to-be-true-but-just-good-enough prices hoping someone pays them then try and get others to send money etc.

So, 2-Factor is to also protect others...not just yourself

 

[Sgp12345]

Has anyone seen a site infiltrated with compromised passwords like this before? There have always been fake scammer accounts anywhere there was a scam to be made, but these guys are getting existing legit members account’s passwords. Seems like it’s been a rash of them and haven’t seen a theory on why it may be happening.

It’s happening on bladeforum quite frequently.

 

[Rexwagon]

Has anyone seen a site infiltrated with compromised passwords like this before? There have always been fake scammer accounts anywhere there was a scam to be made, but these guys are getting existing legit members account’s passwords. Seems like it’s been a rash of them and haven’t seen a theory on why it may be happening.

Sounds like management may need to look into better security.

 

[missed]

Sounds like management may need to look into better security.

They have it's called 2 factor authentication. Even giant passwords with multiple rules and expiration dates can still be hacked. It's up to the individual, the management can point the horse to the water, but can't make them drink it

 

[Gohring65]

Good advice!
I took it, and added the two step verification.

 

[Jbova]

Didn’t know about this. I turned mine on too.

 

[Apnea]

Admins: How about an indicator that shows who has this turned on? Would help establish trust for transactions.

 

[6.5SH]

Has anyone seen a site infiltrated with compromised passwords like this before? There have always been fake scammer accounts anywhere there was a scam to be made, but these guys are getting existing legit members account’s passwords. Seems like it’s been a rash of them and haven’t seen a theory on why it may be happening.

Because most people use the same email/username and password for every f-ing thing they do online.

ONE of those sites gets compromised and the emails/username and password gets spread on various hack dump forums and here we are.

 

[Bean]

Because most people use the same email/username and password for every f-ing thing they do online.

ONE of those sites gets compromised and the emails/username and password gets spread on various hack dump forums and here we are.

True that. Folks should consider using a password manager. I don't use the same password anywhere, ever. I use long strings of numerals, letters and special characters generated by 1Password, the manager I use. A different one for every password.

It's also a good idea to use those strings for security questions, like: What city where you born in? 5%ikLk2(w;B74... but I use shorter strings since sometimes you're asked those questions when calling customer support. It can get tedious reciting long strings of gibberish.

I also always have a VPN running (virtual private network) and that seems to mess up the 30 day grace period for 2 factor verification. I'm going to give it a try here to see what happens.