A question on log-in/password/hack concerns?

I don’t know if a temp glitch, but just got errored out for an email/username/password issue and couldn’t log in without a link sent to my email address. Came in and ‘changed’ my password, using the autofill of my previous password (ie didn’t actualy change it), which was accepted, so I don’t know if someone got in and changed mine, or…

Anyone have any insight?

2 Likes

If you haven’t already, enable two-factor authentication (2FA) for your account. You’ll need to have either a physical security key or an authentication app to generate a constantly changing time-based one-time password. With 2FA set up, it’s not sufficient for someone to know just your account name and password to log in.

Some security key manufacturers

  • Yubico (YubiKey, various models)
  • Google (Titan)

Some authentication apps

  • Some dedicated password management programs, e.g., 1Password, and web browsers, e.g., the latest versions of Apple’s Safari, also handle time-based one-time passwords, so you may want to check what you’re already using first. (Full disclosure: I’ve been using 1Password for over a decade as a customer.)
  • Authy (free)
  • Google Authenticator (free)
  • Microsoft Authenticator (free)
4 Likes

The mst3k forum has that feature? Where would I go to turn it on? :thinking:

1 Like

Look in your profile under Preferences and Security.

2 Likes

Thanks. I didn’t realise this forum supported that.

1 Like

That’s a lot of trouble to go through.

Look, if I say anything you don’t like, just assume I was hacked.

3 Likes

Okay — you’re a hack. :crazy_face:

2 Likes

A hack is what they call in Hollywood a working writer.

3 Likes

So if you’re a working writer in Hollywood moonlighting as a taxi driver, you’re a hacky-hack?

2 Likes

Woah! Keep it down with that kind of language. A GELF might hear you.

4 Likes