Ninjastic
PostEdited versionsQuotes to this post
Post
Topic
Board Meta
Re: Account hacked -- should I blame admins or not?
by
zoeh
on 07/12/2018, 08:05:12 UTC
Quote from: Onuohakk on December 06, 2018, 03:37:53 PM
What I can see on this thread is some big time quote abusers most especially the first individual that replied who had no reason what so ever to quote the OP whole post when he or she is directly under the post

Post quotation when abused can create an ugly scene especially when the guilty party do not really have something tangible to contribute
what is this all about? you are out of context

Quote from: Welsh on December 06, 2018, 03:39:31 PM
Quote from: zoeh on December 06, 2018, 03:34:27 PM
My argument is based on the fact an email address was changed without letting the owner confirm it, it can be referred to as unauthorized change of ownership. In this case, everyone's account is at risk, including the admins.

This has never been in place, and by registering on the forum you don't even have to verify the email. If you had a problem with the security of the forum you could've brought it up. Many have, though. The new forum software will likely have some sort of 2fa authentication so there's that. However, no one really knows when that's going to drop.

That being said. Have you got a signed address? If you have you can start the recovery process, and in the mean time get DefaultTrust to tag it so it's basically useless to whoever hacked it.
It would be cool to have the updated software since the current one seem to be somehow outdated. Some 2fa will do good, since now the hacker is impersonating me, and if he hacks anyone or do something bad, people will assume that it was me although I was innocent.

Other than, thank you for the input Smiley appreciated

Quote from: khaled0111 on December 06, 2018, 03:51:56 PM
Quote
My point is, why don't they at least allow user to confirm that they are changing the email;
Because people, generally, set a new email address when they lose access to the old one, thus sending you an email to the old address asking for confirmation is kind of stupid.
With that being said, I think instead of sending a link to lock the account, they should give you the possibility to refuse the new changes and keep your old email address.
 
I think there is something you are missing, when I created an account using my email, i signed for ownership of the account. If the email is being changed without me knowing, then it mean that there was change of ownership without the real owner concern, which can percieved unfair since the account was just deprived from him by the unknown user or hacker.

We change email address for many different reasons, so since the admins are not aware of the reason why I am changing the email, they shouldn't just assume it's the owner making changes, rather come up with safety or secure measures to avoid this in the future. This is only the beginning, it's only a matter of time until they hack an admins account, how is different to ours security wise?
Think of it like this, if they can hack mine, then surely the can hack yours.