Warning: Someone just tried logging into my account - Page 2

Likes2ridefar · #16 08-10-2022, 09:29 AM

If no password manager at least consider using a site like this to create unique passwords that are pronounceable and generally easier to recall and enter.

https://www.warpconduit.net/password-generator/

Alistair · #17 08-10-2022, 09:32 AM

Quote:

Originally Posted by makoti

Because I'm not the smartest with all this, how does a PW manager work if you log in from different machines? Desk, laptop, phone, tablet. Do you load the manager on each and it syncs? Suggestions for good/not too expensive ones?

Typically, they offer an app for each platform. The passwords are then sync'ed across devices using a cloud service (usually with a nominal annual fee). The passwords should be stored in the cloud encrypted and unreadable and only decrypted locally on each of your devices as needed.

Most of them will suggest strong random passwords at the point of account creation and during password change activities. They're pretty good at IDing user/pwd fields on the web (both account creation and pwd change). Some also save financial info (CC numbers, etc) for easy access during online shopping.

I used Lastpass in the past, but went back to Apple's keychain, as I'm on all Apple devices currently and its integration with Apple services and Safari is more stable than Lastpass. My only complaint with Apple's service is it doesn't save the 3/4 digit CVV codes on cards, so for vendors that don't accept Apple Pay, I still need a physical card to get the CVV. I'd much rather everybody adopted Apple Pay (or some equivalent), so I could just leave my wallet at home.

makoti · #18 08-10-2022, 09:38 AM

Quote:

Originally Posted by Likes2ridefar

You have one password you need to recall or do the big no no and have all devices not time out once you login. It then syncs across all devices.

iPhone with Face ID is in particular very easy to use with it.

So a master PW with the app, then it generates a PW for the site or you have to create one and it remembers it? Having you create one would just seem to be keeping all your weak passwords in one place

dsimon · #19 08-10-2022, 09:45 AM

Quote:

Originally Posted by Keith A

I wanted to let everyone know that someone unsuccessfully tried to login into my account. I'm going to strengthen my password even more and would advise everyone to make sure they are using good passwords.

But your Admin. who does that

Dude · #20 08-10-2022, 09:52 AM

1Password is what I use and pay for. Lastpass is the other one. Google Chrome has some stuff too - though you have to use google chrome.

Suffice to say they work, you can't go wrong and they are super duper duper secure. 1PW has an app, a browser extension and a desktop app so that you can access your passwords wherever. They sync immediately but also work offline (update a mortgage password on your computer browser and then it's avail on your phone immediately to use in mortgage app).

Almost anything is better than what you're using now. Our human minds are weak.

Also, the key to passwords is length. Make it more than 15 characters (with symbols and numbers) and it will take a supercomputer centuries to brute force your password, let alone a regular computer/cloud servers.

Likes2ridefar · #21 08-10-2022, 10:03 AM

Quote:

Originally Posted by makoti

So a master PW with the app, then it generates a PW for the site or you have to create one and it remembers it? Having you create one would just seem to be keeping all your weak passwords in one place

The master password is like a key to your vault. In the vault are all the accounts you create/saved with passwords that can be generated by the app or created by the user. It can also save things like credit card # and Wi-Fi passwords. It’s not encrypted once you enter the vault so it is obviously important to not give others access…

It can be a big lift to initially adopt especially if many accounts but once all done it is so much easier to manage and more secure.

makoti · #22 08-10-2022, 12:27 PM

Quote:

Originally Posted by Likes2ridefar

The master password is like a key to your vault. In the vault are all the accounts you create/saved with passwords that can be generated by the app or created by the user. It can also save things like credit card # and Wi-Fi passwords. It’s not encrypted once you enter the vault so it is obviously important to not give others access…

It can be a big lift to initially adopt especially if many accounts but once all done it is so much easier to manage and more secure.

I loaded Bitwarden and reset things here. Worked fairly easily. Couple of glitches, but it looks to be working so I'll do this with my more important stuff after a day or so of coming back without issues.
Thanks

cp43 · #23 08-10-2022, 12:30 PM

Quote:

Originally Posted by Louis

Other than being locked out due to too many bad attempts, how would someone know if some bad actor tried to do that to them?

I'm curious to know this as well. Is there anyway a non-admin user would know if someone else attempted to access their account?

Thanks,

Chris

eippo1 · #24 08-10-2022, 12:39 PM

Quote:

Originally Posted by cp43

I'm curious to know this as well. Is there anyway a non-admin user would know if someone else attempted to access their account?

Thanks,

Chris

I found out when I saw an ad in the classifieds that was not mine and then tried to send a PM to the mods to no avail because they'd already figured it out and locked my account. Good times.

tuxbailey · #25 08-10-2022, 12:44 PM

Wrong thread.

Keith A · #26 08-10-2022, 01:19 PM

Quote:

Originally Posted by cp43

I'm curious to know this as well. Is there anyway a non-admin user would know if someone else attempted to access their account?

Thanks,

Chris

Yes, you will get an email if someone tried unsuccessfully to log into your account after a certain number of attempts.

cp43 · #27 08-10-2022, 01:25 PM

Quote:

Originally Posted by Keith A

Yes, you will get an email if someone tried unsuccessfully to log into your account after a certain number of attempts.

Ok, excellent, thanks for the reply. I haven't seen any email like that, so it looks like I'm in the clear!

Thanks for keeping on top of all of this for us.

Chris

ridethecliche · #28 08-10-2022, 01:39 PM

Someone probably wanted to come into the tire thread and tell everyone under Jan Heine was wrong.

Mr. Pink · #29 08-11-2022, 08:37 AM

Quote:

Originally Posted by Louis

And why not? "paceline123" has worked for years, why bother changing now?

Ah, you're the one. That's why I had to use paceline1234.

fredd · #30 08-11-2022, 08:40 AM

Quote:

Originally Posted by nortx-Dave

Not to be a contrarian, but why would someone hack a Paceline account? What is there to gain?

To start another disc vs rim, or tubeless, or bottle cage thread and watch as we tear each other to pieces.