Account Security Reminders

CrashBash

No emulation, real hardware
Staff member
.
.
Joined
Feb 5, 2016
Messages
112
Likes
206
Location
MGC
Hello all.

It has come to the attention of staff that in the past week there's been reports of accounts being compromised and then used for spam. Before anything, I'd like to state that BitBuilt has not had a data breach. The owners of these accounts we've spoken to have mentioned that they've been experiencing this with the accounts they have on various different websites. For that reason I'd like to highlight the following opportunities that you can take to better secure your accounts - on BitBuilt and in general:

  • Use unique passwords on each account you own - passwords leaked on one site can be used by malicious actors on other sites in an attempt to gain access to your account. Use a password manager to keep track of your credentials if need be.
  • Use strong passwords - use longer passwords containing non-dictionary words along with symbols and numbers. Again, use a password manager to generate and keep track of your credentials.
  • Use 2FA (better) or OTP (best) - you can add an additional layer of security to your accounts by enabling either of these features here: https://bitbuilt.net/forums/index.php?account/two-step/ . Both of these options require an additional step beyond providing your password. OTP ("Verification code via app") is the more secure option and will mean someone logging in will need your phone/device. If enabling OTP please ensure you create, save, (and maybe even print) a set of backup OTP codes. These are for use if your device becomes damaged/stolen/etc.
  • BitBuilt Staff will never ask you for your credentials - Staff will NEVER ask you for your password. Staff members have the "staff" banner next to their avatar on posts, private messages, etc. If anyone tries asking you for your password, don't give it to them.
Please take the time to change your password if it's shared across sites or weak and enable 2FA (or even better OTP!) to protect both yourself and the BitBuilt community.

If anyone has been banned for spam that otherwise had their account in good standing, please let a staff member know. We will review and get back to you.

Thanks,

BitBuilt Staff
 

Y2K

Block Rotator
.
Joined
Apr 14, 2022
Messages
35
Likes
48
Location
Chicago, IL
I'm glad you mentioned that 2FA is a thing on the forums, I don't think I would have ever enabled it otherwise! O.o

I assume a lot of the issues stem from LastPass's recent breach. This is an extremely common thing thing with them in particular, so it's definitely for the best to consider using a different password manager if you're still using LastPass. Bitwarden is a good option, and you can also self host a local instance if you don't want your passwords stored on a known server. I've also heard good things about 1Password.
 

Stitches

2 and a Half Dollarydoos
Staff member
.
.
Joined
Feb 5, 2017
Messages
2,738
Likes
2,090
Location
Banana Bender Land, Australia
Portables
6
I only found out today as well...................... fortunately it's an easy fix!

Also, for obvious reasons please don't input any personal information into your account bio or signature. Information entered into these fields is publicly visible, and could be scraped by bots and/or used by malicious actors for Identity Theft.
 
Last edited:
Top