Same, looks like give more information so everyone understand whats going on is hard...
Comment has been collapsed.
Oh... so maybe that explains why I have been occasionally getting CD query mails recently. I was wondering if I had ninjaed a key and forgot to say Thank you :D
Comment has been collapsed.
I thought I guessed it, but what I have in my head for mine is only 30 characters.
I bet yours could be bruteforced, just like mine can. We probably think alike so all I would need to do is load a specialized library of certain phrases.
Comment has been collapsed.
Frell!
Words that don't exist in our language makes it even more likely to be something I'm thinking of.
Speech in an alien language that can be spoken in English.
Comment has been collapsed.
lol, yeah. like you said though there is always a way, so it really doesn't matter which way you go about it. i mean chances are higher or lower with certain ways of going about it ofc, but overall it makes little diff imo. ^^
edit: there are still some people who get away with using "password" as their password globally and still have yet to have their accounts compromised, and then there are those who use a full 128bit key as their password and consistently are being compromised.
Comment has been collapsed.
I prefer to have a unique password for every account (common sense) and I either memorize them (such as the most commonly used ones) or jot them down in a notepad. Sure, someone could grab my notepad; however, someone hacking my notepad (without something akin to an axe) is... unlikely, lol.
Comment has been collapsed.
Two site? I use one password for more than 20 sites and never been hacked -.-
Comment has been collapsed.
I don't think people logging in via facebook on DLH are affected 'cause the site just gets some kind of token in addition to the email address as far as I know. ¯\_(ツ)_/¯
Comment has been collapsed.
I meant phone service contract, my bad. :D
Basically for some services the actual service provider will charge you as well. And in my case, they do. And because it's not coming from my own country, they charge a fair bit. Google's message cost me around 20 cents. Since my budget for my phone bills is about 2-3€ per month, this is a large chunk out of it. And if I were to log in every day, which many people do, then it'd come to around 6€.
It might not sound much, but for someone like me, that's way too much :/
Comment has been collapsed.
Charging for receiving SMS? o.0
But SMS is free as far as the system operator goes; they are sent in the control signal's holes so they don't cost any money. Charging anything to send them is bad enough but for taxing the receiver is blatant robbery.
Comment has been collapsed.
ah, makes sense why i received an email from twitch saying someone in russia tried accessing my twitch account
Comment has been collapsed.
Explains this:
Edit: That explain this:
Dear Steam user,
This is an automated message generated by Steam account administration. It is being sent in response to a query made by a Steam user to discover all account names associated with this CD key.
Steam account name: xxxxxxxx
If you requested this query, please use the above account name to log in to Steam. If you cannot remember your password, click on the “Retrieve lost account” button on the Steam login screen.
If you did not request this query, please ignore this message.
Users cannot gain access to your account via the Find Account By CD Key process without access to your email account.
Comment has been collapsed.
Someone knows a CD key of a game you used. He is trying to use it to know your account details or take control. CD key can be a publicly pasted cd key at forums you activated or ninjaed quickly or hacked from a site and hence someone knows the key was used somewhere. Or someone got a used dupe key in a GA and tried tracking account. DLH site hack meant Russians gained info of DLH stored use account names, email ids, passwords and cd keys of all their owned games obtained from DLH and used that info to try and hack anything they could - Steam, Twitch, DLH and other such bundle sites etc. Those exposed email ids and cd keys are still being sued to hack and gain control of steam accounts and hence such emails. Best way to be safe is ensure your email ids main, steam accounts and bundlesites accounts are phone verified and thus solely in your control.
Comment has been collapsed.
Its OK. Many people who don't know how it works will know. An additional explanation never harmed anyone. xD
Comment has been collapsed.
Lmao they tried accessing my twitch,twitter and some months ago a random russian tried logging in my instagram aswell.... Even tho i have nothing on it,russians are apparently a pain even outside of csgo. BTW my password was randomly generated by dlh.
Comment has been collapsed.
meh looks like someone tried to query up one of the steam codes I got from there.. guess I should change my password associated with my email just to be on the safe side, all my passwords are unique for any site I visit though so not too much cause for concern. I suppose if they want to hack my twitter account have at it, all I have on there is a bunch of stupid crap DLH or other giveaway sites requested that I post for my free key..
Comment has been collapsed.
Still unsafe. Delete DLH widget registered in FB app. I read somewhere that is the best course of action.
Comment has been collapsed.
They can't intrude my Facebook app unless there's FB exploit, period. That's the benefit of connect feature, just like this site and Steam. If SG gets breached there's no way they can intrude to the respective Steam accounts as well.
If they breach DLH's database and gets my account (in DLH), then it's DLH problem, and that is affecting all DLH users not just people who authenticate with Facebook.
Comment has been collapsed.
Thanks, i was wondering why someone tried accessing my twitch and getting cd key queries, even if they manage to successfully login to my twitch account, what the hell were they going to do with it anyway? watch a hearthstone stream with it? lol
Comment has been collapsed.
Guys if i login with FB, can my account get compromised too (through DLH) ?
Comment has been collapsed.
Got one of those mails because of a CD key but I have a completely different password, mail and name there.
Comment has been collapsed.
Isn't this what happens after *any * site's username-pw database gets public, people try to use the combinations at other sites as well? The title makes it sound like DLC caused a vulnerability at twitch, while it's just careless users having the same / not changing passwords...
Comment has been collapsed.
2,066 Comments - Last post 1 hour ago by Megamind9
11 Comments - Last post 2 hours ago by Chris76de
1,340 Comments - Last post 3 hours ago by LuckyStrike1305
367 Comments - Last post 3 hours ago by Vodeni
66 Comments - Last post 4 hours ago by doslover
37 Comments - Last post 6 hours ago by katukinabarra
113 Comments - Last post 7 hours ago by Ekaros
30 Comments - Last post 4 minutes ago by Ignition365
60 Comments - Last post 9 minutes ago by Peiperissimus
15 Comments - Last post 13 minutes ago by hsunkuei
39 Comments - Last post 13 minutes ago by quijote3000
73 Comments - Last post 18 minutes ago by bat0
41 Comments - Last post 41 minutes ago by Lachdanan
37 Comments - Last post 1 hour ago by OneNonLy
Seems info leaked by DLH is still having effects. The DLH site hacking that led to Russian hackers stealing email id and their DLH accounts and steam keys associated with these accounts means they have email ids and tentative passwords now and if same type of passwords are being used at steam/twitch/bundlesites etc they are all at risk as the hackers are trying to access those. Many users still getting steam cd query attempts at protected accounts [Leaked DLH cd keys to blame] . Now anyone who hasn't changed same used passwords at other accounts like sites/twitch etc are getting hacked wherever possible. Many people now have Twitch accounts compromised with attempts to hack or successful hack. Many users now getting emails by twitch of the same and some reportedly have already lost their accounts.
Change PWs of all your steam associated site accounts used to take free game keys at GAs and sites.
Comment has been collapsed.