Post 9mmZPLQR15ZrS1XbCy by adidal@chat.cdstm.ch
(DIR) More posts by adidal@chat.cdstm.ch
(DIR) Post #9mmWnpPorkwRYEEhxQ by Gargron@mastodon.social
2019-09-10T14:06:59Z
1 likes, 4 repeats
"How I Lost My $50,000 Twitter Username"https://medium.com/@N/how-i-lost-my-50-000-twitter-username-24eb09e026ddThe important bit here isn't Twitter or how much the username was worth, but how the attack was carried out
(DIR) Post #9mmXubKFkY5DpkQTGy by seguridad@mastodon.social
2019-09-10T14:19:26Z
0 likes, 0 repeats
@Gargron 😱
(DIR) Post #9mmYMlkAbqG0Fjyp4i by espectalll@mstdn.io
2019-09-10T14:24:32Z
0 likes, 0 repeats
@Gargron > Use an @gmail.com for logins.this is actually a horrible tip
(DIR) Post #9mmYZESVfmQwmof8Mq by Gargron@mastodon.social
2019-09-10T14:26:48Z
0 likes, 0 repeats
@espectalll But setting a high TTL on MX records sounds like a good idea
(DIR) Post #9mmYgFiVOUhKiOUYC0 by espectalll@mstdn.io
2019-09-10T14:28:03Z
0 likes, 0 repeats
@Gargron you should absolutely do that if you can, although that still means trusting your registrar - oh well, that's the nature of the Internet :blobuwu:
(DIR) Post #9mmZPLQR15ZrS1XbCy by adidal@chat.cdstm.ch
2019-09-10T14:36:12Z
0 likes, 0 repeats
@Gargron I dont understand his hacked-twitter-account is still active and doesnt look compromised: https://twitter.com/@N
(DIR) Post #9mmaCI3gK7ilCLEmbg by tagomago@mastodon.social
2019-09-10T14:45:01Z
0 likes, 0 repeats
@Gargron Find this hard to believe.
(DIR) Post #9mmab9yLWZgNMKbINE by fla@mastodon.social
2019-09-10T14:49:32Z
0 likes, 0 repeats
@adidal @Gargron I guess after such a story, twitter contacted him and give the account back to him? Remember this is from 2014.
(DIR) Post #9mmaep2nHF7TbrQYK0 by ryantouk@mastodon.social
2019-09-10T14:50:11Z
0 likes, 0 repeats
@adidal @Gargron The article is 5 years old... I imagine the situation was fixed in that time.
(DIR) Post #9mmbAvacTabHB2YfKK by jamesgecko@toot.cafe
2019-09-10T14:56:00Z
0 likes, 0 repeats
@adidal The post was published in 2014; he regained control of it afterwards.
(DIR) Post #9mmcSYbMmdg131sTQ0 by syntaktis@mastodon.social
2019-09-10T15:10:23Z
0 likes, 0 repeats
@Gargron... and why do you need an e-mail account to register to a website, in the first place? It should be an option, but not obligatory.
(DIR) Post #9mmftUcE0mlEMloZea by eatsshootsknits@mastodon.social
2019-09-10T15:48:51Z
0 likes, 0 repeats
@Gargron that’s terrifying.
(DIR) Post #9mmpAwEPUMxEWf4Ksi by le_ArthurDent@mastodon.social
2019-09-10T17:32:52Z
0 likes, 0 repeats
@Gargron This is just crazy...
(DIR) Post #9mnHAPPmIWUTSmvEaO by sindastra@mastodon.social
2019-09-10T22:46:30Z
0 likes, 0 repeats
@Gargron Basic 2FA alone is not enough, because often it's TOTP with SMS as backup which is not secure. You should all use hardware tokens exclusively. Google provides that option. https://landing.google.com/advancedprotection/
(DIR) Post #9mnYQ9ldwMXamvFCkK by vjy@mastodon.social
2019-09-11T01:59:48Z
0 likes, 0 repeats
@Gargron I lost my cute 3 char handle too.. deleted my account, but now Twitter no longer allows 3 char handles.. :(
(DIR) Post #9mnYTcgQt77dL1SZyS by vjy@mastodon.social
2019-09-11T02:00:28Z
0 likes, 0 repeats
@Gargron I lost my cute 4 char handle too.. deleted my account, but now Twitter no longer allows 4 char handles.. :(