>>>>

Wednesday, May 18, 2011

AUUGHHH!! HACKED!!


Well, I have joined the ranks of those who have been officially and unceremoniously HACKED!

Sometime today around 12:03pm eastern, some hacker using some unknown program was able to access my gmail account. How do I know the time frame? By the time stamp on the mass emails that bounced back due to “permanent failure” when the message didn’t arrive at places due to that email address not being functional anymore. My whole email address book was used to forward SPAM to unsuspecting people. I’m sorry folks, if you received something from me --- just know it wasn’t REALLY from me!

When I tried to access my email to look up an address, around 3:30pm eastern—I got a message saying something like “login or password incorrect”. I thought that was funny, but retyping the info didn’t help matters, and I knew I was spelling things right…and I started to panic!

I was having to do all of this from my phone, because I didn’t have internet access in any other form while sitting on the side of I-40 somewhere outside of Chattanooga!

The process actually worked pretty well, gmail has my cell phone # on file, and I got a text message with a new authorization number to prove it was ME –and I reset the password.

At this time there were over 70 emails from people asking me if I knew that my blog had been REMOVED ((yes, the screen said REMOVED when people tried to access it)), and where did it go?!! You see, all I was worried about was my mail, not knowing that google had shut down BOTH my blog AND my email for “security purposes”.

What would I do if the whole blog was just GONE? Poof? Just like that?! Or my email for that matter?

I’m now in the process of re-passwording everything. Tell me this. How are we supposed to come up with secure passwords that are long enough, include numbers and be case sensitive, and have it be something WE OURSELVES can remember?! LOL!! Everything needs a DIFFERENT password. No two passwords for any sites I visit should be the same as each other. How can we keep this straight?! How do you keep track of 14 different passwords? And they should change every 90 days or so. ((At least according to DH who has to change all his passwords on his work computer etc that often))

SO that’s my night daymare of a day. I’m glad all is back to functional. This is more excitement than I want to deal with!

37 comments:

  1. Oh wow Bonnie, that's too scary! Why do they do this?? I recently read where you can back up your content on another blog. This was the site on how to do it.

    http://2fishweb.com/blog/2011/05/the-great-blogger-outage-how-to-protect-your-content/

    I am not very computer literate but it sure seems like a good idea to save your blog info.

    ReplyDelete
  2. We use something called password gorilla that stores passwords or can even generate unique ones for you. I now just have to remember one super long password and can then access others. I'm sorry that it happened to you though.

    ReplyDelete
  3. Sounds like you have had quite the day, glad that you are back up and running. I too was quite confused when it said that your blog had been removed. I figured that it was a glitch. Being a computer geek myself, I keep a little book with all my passwords with my computer, you will hear both sides of the argument on that one. But it is the only way my poor brain can remember them all. Anyhoo, glad to see that things are getting back to normal and you can now enjoy the rest of your trip. :-)

    ReplyDelete
  4. Anonymous6:50 PM EDT

    I have put all passwords in an address book. The kind that my mom use to use for addresses. It works great! Sure it is just here at home.... but hey that is about all I can remember where the address book is..... now where did I last put that .......

    Bummer...... we love you any way !!!! on we go...

    ReplyDelete
  5. I'm glad you're back! When I tried to read your blog today, it was gone... I'm so happy that you are here again!!!! Hugs and hugs and hugs!!!
    Carla

    ReplyDelete
  6. Bonnie:

    I use keePass at ( http://keepass.info/ ) Our IT department manager recommends it for those of us with lots of passwords. It is encoded and secure. Have your DH take a look, I really like it, only HAVE to remember 1 password to get to all those seldom used accounts.

    Also, I have taken may security classes and most "experts" are beginning to beleive that it is better to change your password less frequently than to keep a written list of password. (which is typically done were I work)

    ReplyDelete
  7. Bonnie - one place that I worked had passwords that changed every 12 hours. I sometimes had to work in the control room on nights and weekends so couldn't get to computer that generated the passwords so I had to have the guy in charge of running the whole system generate one for me. Passwords had to be 8 characters and have a number, a capitalized letter and a special symbol and couldn't be written down. Lucky my memory used to be a lot better than it is now. My opinion is that hackers have overinflated egos and cause the rest of us trouble because they are too lazy to do real work. I hope this gets better.

    ReplyDelete
  8. I've noticed in the last coule of weeks, 2 cross stitch sites that I follow appear to have been hacked and now have content that are so NOT cross stitch. All of their previous posts have gone and have been replaced by 'teenage' interest stuff.

    Glad you sorted it all out!

    ReplyDelete
  9. A pox on all the hackers, virus/malware writers, spyware/ad-ware writers, etc.!!!! I had a lovely week of sewing planned since there wasn't anything on my calendar, but by Monday night I had three computers setting here, brought to me by people who need help. So that's what I've been doing the last couple days. I did start loading a quilt on the machine last night & finished that this morning. So I've been quilting while babysitting the cleaning tools running on the first computer. Now there's a young lady who needs to quit downloading stuff and saving games!! Especially since she uses it for her at-home on-line job.

    ReplyDelete
  10. We use KeePassX in our place (well I don't but the other half and mr.17 do) http://www.keepassx.org/ it's worth looking into.

    Glad you managed to sort out everything though.

    ReplyDelete
  11. Hey Bonnie - Here's how I come up with multiple passwords that I can remember:

    Write down a sentence like:

    "I love to piece beautiful quilts and quilt them too."

    Take the first letter of each word of this sentence to get: Iltpbqaqtt

    Now replace any words you can with numbers and if it's too long, eliminate any small words like "to" and "and." Also pick two letters to capitalize.

    So here's a good, solid password:

    IlpbQaqt2

    Instead of memorizing the specific letters, just say the sentence to yourself. It's a great way to practice a mantra or remind yourself of something like:

    "I need to worry less and have more fun"

    InwLhmf

    Also make sure you do this with your clues to reset your password. Most email is hacked because someone sets the password questions too easy, like "what is my eye color." There is too few options for that, so a better answer to leave instead of "brown" is an actual password like "my eyes are greenish / brown = meaGb.

    Hackers absolutely can't get these passwords, and can't get through to reset the password either because they aren't real words. It's as secure as secure can be!

    Cheers,

    Leah

    ReplyDelete
  12. As a Director of Information Security, I can tell you the easiest way to have a long password with numbers, etc., is to use a phrase like:
    "I love to quilt for me!" your password would be "Ilv2quilt4ME" or some other phrase.

    ReplyDelete
  13. okay...sorry...this may sound really mean...but, sometimes i just think that these hackers should have their fingers put in a vice for a few days...not to cut them off..just to cause pain!
    sorry...this happened =(

    annie
    rubyslipperz106.blogspot.com

    ReplyDelete
  14. Oh, Bonnie - what a mess! Have you tried http://keepass.info/

    You can keep all your passwords encrypted on a USB - and it's free!

    ReplyDelete
  15. I'm sorry this happened to you, Bonnie, and I'm glad it was resolved.

    One good thing to come out of your email acct being hacked is that I now have a lot of good ideas for creating tougher passwords thanks to those who posted suggestions!

    ReplyDelete
  16. Anonymous8:37 PM EDT

    Not sure if this would be work for you but I keep a small spiral notebook 5x7 size with the website names and my sign on name and password. I take it with me whenever I go away.

    Sherry
    shermcar@rochester.rr.com

    ReplyDelete
  17. Oh Bonnie, I am so sorry that happened to you. We recently got a virus on our computer (despite having a program which is supposed to protect us from viruses...) and then had a miserable experience with a computer guy who came to our house to "fix" it and ended up screwing everything up. AGH. Technology. Sometimes I have such mixed feelings about it!
    Deb from clutteredquilter.blogspot.com

    ReplyDelete
  18. Sorry this happened, but glad all is apparently well now. Did you see my note somewhere (FB I think) that I could get the partial blog posts on my Google Reader, but when I clicked to go to the full post it said it was removed? I thought that was a bit strange.

    ReplyDelete
  19. What a bummer! There seem to be a lot of hackers out there with nothing better to do but be obnoxious to people they don't even know. When you figure out the password thing... let me know because I can't remember anything with numbers in it or even where the numbers go.

    ReplyDelete
  20. Google's two factor authentication is the cat's whiskers! They really did a great job of integrating it.

    ReplyDelete
  21. Thank goodness you didn't lose everything....I knew something bad was going on when I blogged today and tried to link back to your blog to share the RRCB mystery and it was GONE.
    now that is not funny!

    Thank goodness you got it up and running so quickly Bonnie, and didn't lose anything.....that would not be right for the number one rated quilting blog!

    Safe travels and Happy Sewing

    ReplyDelete
  22. I too tried to view your blog and it said "deleted"...so I knew something was up! Glad all is better now!

    ReplyDelete
  23. Bonnie, sorry to hear you were hacked into. I have a great site for you for safety on the internet. Kim Komando. She is a whiz and has all sorts of great stuff on her site and tips for keeping things safe and how to choose a secure password! http://www.komando.com

    ReplyDelete
  24. I only have to use puter at home so I keep a roledex w/pass info & ?'s. That's some good advice you've gotten so far. So sorry, but good you got it fixed.

    A friend's gmail got hacked other week. Hacker got all her contacts including me & was sending out emails saying 'on vacation & mugged in London need $1,800.'

    Another friend got 1st email. Replied 'didn't know you were going to London on vacation. Are Snookie & Louie w/you?'

    Hacker emailed back 'yes & they are doing fine.'

    Thing is Snookie & Louie are the neighborhood dogs that run loose. Hackers must not know bout country folks.

    ReplyDelete
  25. I'm SO sorry there are poopy people! Grrr...

    Lucy~

    ReplyDelete
  26. Consider downloading the free malware program from Malware.org (http://sewcalgal.blogspot.com/2010/11/sewbiz-pc-protection.html). You may have a virus on your computer that your security software hasn't detected. I've been pleased with what Malware catches that good security software (e.g. ESET, NORTON, SYMANTEC, etc) doesn't catch).

    SewCalGal
    www.sewcalgal.blogspot.com

    ReplyDelete
  27. I use old addresses for passwords. They are always a combination of numbers and letters. You can do them in all lowercase, then when you have used them up and are using them a 2nd time, you can capitalize them properly. Depending on how many different places you have lived, this could last you quite a while!:)
    Sally j s p w a r r e n at aol dot come

    ReplyDelete
  28. Ah, yes, passwords. My DD, a genuine geek, poo-poohs me for having diff pswds for every site. I always write them down...except for my twitter pswd which I forgot to write down and which they will not let me re-do no matter how many times I try. Dolts!

    ReplyDelete
  29. Try using Bible verses. You know, like Psalms119:11 (I will treasure your word in my heart so that I might not sin against you). Something that has personal significance, so you'll remember. Plus it can help you memorize the verses if you're so inclined. Bonus points for multi-verse segments because you will get a - in it, and if it's a first or second book of something you can use I or II instead of the numbers 1 and 2 and get more capital letters in it.

    That's what I do. But that isn't my verse. :)

    ReplyDelete
  30. Oh, my goodness! I had no idea something like this could happen to your gmail. Now I understand why gmail suggested that I give them my cell phone number in case I lost access to my email.

    --C.B.

    ReplyDelete
  31. Glad you are back :o) It's a lesson to us all that we need to keep changing our passwords!

    ReplyDelete
  32. Just went throught the same thing myself. Hacker sent email to my entire contacts saying I was in the UK, mugged and needing money. Gee what a pain to recover my email. In fact my email has never been the same.

    ReplyDelete
  33. So glad you are back! I was so bummed when I saw your site was "removed" yesterday. Glad that everything worked out & that you didn't lose all your postings!

    ReplyDelete
  34. That Sucks. Why can't these people do something productive instead of creating havoc?
    I was wondering what was up with the "removed" when I clicked on your site.

    ReplyDelete
  35. My sympathies for your techno invasion. Tell you how I keep my passwords straight. I have a small index card box next to my computer with all my passwords. It's not new tech but I don't have to worry about losing them when or if the computer crashes and it's easy to just jot down the necessary information rather than try to remember all of it.

    ReplyDelete
  36. So, hard as it must have been to go thru all that pain of knowing things were a mess... isn't it nice to know that people care enough and miss you when we can't read all the great things you share with us. Thanks for allowing us into your life... we're glad that your back!
    Hang in there...

    ReplyDelete

Did you know that ad space on this blog provides for all of the free patterns and free mysteries and challenges at no cost to you? Without ads, this blog would not be possible.

Thank you for understanding the many hours that go into this blog 6 days a week, 52 weeks a year. :)