Thursday, May 31, 2012

More D3 Account Security

I am still following Diablo 3 accounts getting hacked.

See this useful post on Bnet http://us.battle.net/d3/en/forum/topic/5271503297

Some other tidbits:
  • You can get phished from friends Twitter messages, see http://isc.sans.edu/diary.html?storyid=13330
  • don't use same password on more than one site
  • use at least one number and one symbol (ie "#$%")[should use upper and lower case letters but Blizz may ignore that]
  • longer is better ^_^ But not if it is words or something from Hackers dictionary (ie 123456789)
  • don't put number or symbol at beginning or end of password, that is what most people do, and password hacking software takes advantage of that
  • Dictionary words for passwords =/= OED or Websters Dictionary; rather it means a Hackers dictionary!  See below.

Don't use a password that can be found on a list like these (warning some Mature language):
  1. http://www.zdnet.com/blog/btl/26000-email-addresses-and-passwords-leaked-check-this-list-to-see-if-youre-included/50424 
  2. http://www.troyhunt.com/2011/06/brief-sony-password-analysis.html
  3. http://www.imperva.com/docs/WP_Consumer_Password_Worst_Practices.pdf
  4. http://www.zdnet.com/blog/hardware/repeat-after-me-reusing-passwords-is-bad/10684
  5. http://blog.jimmyr.com/Password_analysis_of_databases_that_were_hacked_28_2009.php



1 comment: