Compromised PoE Accounts: Stolen Items and Hacked Accounts - Discussion and Leads

Can those who got compromised verify if they used a unique secure password for their poe account? Something they never used anywhere else and hard to guess, at least 8 characters long. There is an argument made that the reason ppl get hacked is the use of weak passwords that are included in so-called dictionary attacks.
One can also check if the email used has been compromised here:

https://haveibeenpwned.com/

It can give an indicator of whether it was used as an entry point or not.

Passwords can also be checked here:

https://haveibeenpwned.com/Passwords
Kitty's Guide On Post Formatting - view-thread/1913874
Last edited by Dkodr#6088 on Dec 28, 2024, 9:52:40 PM
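
How the Pwned Passwords check linked in the post above can be run without sending the password itself, as an added example that is not part of the thread. It follows the service's documented k-anonymity range query (only the first five hex characters of the SHA-1 hash are sent); the `fetch` callable, the sample passwords, the counts and the response body are constructed so the code runs offline.

```python
import hashlib

# Documented range endpoint; a real client would GET this URL with the 5-char prefix.
RANGE_URL = "https://api.pwnedpasswords.com/range/{prefix}"

def split_hash(password):
    """SHA-1 the password and split it: the 5-char prefix is sent, the 35-char suffix stays local."""
    digest = hashlib.sha1(password.encode("utf-8")).hexdigest().upper()
    return digest[:5], digest[5:]

def count_in_range(suffix, body):
    """Search a range response ('SUFFIX:COUNT' per line) for our suffix, locally."""
    for line in body.splitlines():
        candidate, _, count = line.strip().partition(":")
        if candidate.upper() == suffix and count.strip().isdigit():
            return int(count)  # padded entries carry a count of 0
    return 0

def pwned_count(password, fetch):
    """fetch(prefix) -> response text. Hypothetical hook; swap in an HTTPS GET of RANGE_URL."""
    prefix, suffix = split_hash(password)
    return count_in_range(suffix, fetch(prefix))

# --- constructed sample data, standing in for the remote service ---
SAMPLE_LEAKED = {"password1": 12345, "qwerty123": 678}  # counts are made up
SEEN_PREFIXES = []  # records everything the "server" was told

def sample_fetch(prefix):
    SEEN_PREFIXES.append(prefix)
    lines = ["0" * 35 + ":3", "F" * 35 + ":0"]  # unrelated entry + padding entry
    for pw, n in SAMPLE_LEAKED.items():
        p, s = split_hash(pw)
        if p == prefix:
            lines.append(f"{s}:{n}")
    return "\r\n".join(lines)

if __name__ == "__main__":
    for pw in ("password1", "constructed-unique-passphrase-0001"):
        print(pw, "->", pwned_count(pw, sample_fetch))
    print("sent to server:", SEEN_PREFIXES)
```

A count of 0 only means the password is absent from known breach corpora; it says nothing about reuse on other sites or about how the account was actually accessed.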
Can you tell me how you know the hacker's name, and what his name is, in PM? Thanks, because I am afraid support will remove the name again.
Did anyone get unlocked yet? I'm still waiting.
On Steam Discussions I see a few threads about locked accounts too. And some mention it on Reviews...
"
Dkodr#6088 wrote:
Can those who got compromised verify if they used a unique secure password for their poe account? Something they never used anywhere else and hard to guess, at least 8 characters long. There is an argument made that the reason ppl get hacked is the use of weak passwords that are included in so-called dictionary attacks.

Please don't lead people to believe there is such a thing as a "secure" 8-digit password...

Just for the sake of testing, I had my password manager generate a random 8-digit password consisting of upper case letters, lower case letters, numbers, and symbols.

It immediately marked the random password as vulnerable...

I then went to https://bitwarden.com/password-strength/ and entered the password - W0tGEdj& - that had been generated. The website reported that it was a "weak" password, which would take approximately "3 hours" to bruteforce. And that's probably a best case scenario for 8 digits...

Looking across the web, here's what various organisations regard as secure;

  • CISA recommends "at least 16 characters" (source)
  • Passwords generated by Apple's products are 20 characters long (source)
  • The password manager I use, Proton Pass, seems to default to 20 characters
  • 1Password defaults to 20 characters (source)
  • Norton Password Generator defaults to 20 characters (source)
  • PasswordsGenerator.net, which I haven't heard of before, defaults to 22 characters (source)

Based on the above, I then had Proton Pass generate the 20-digit password KkQ2THFGqftcVQxvksw$. Returning to https://bitwarden.com/password-strength/ I was advised this was a "strong" password that would likely take "centuries" to compromise through bruteforce attacks.

It's worth noting that the recommendations above aren't written specifically with online transactions (e.g. buying Path of Exile supporter packs using your credit card) in mind. They're just general purpose advice. If you plan on ever paying for anything from Grinding Gear Games, you should probably view those as a minimum level of complexity for your Path of Exile account password.

“Please understand that imposing strong negative views regarding our team on to other players when you are representing our most helpful forum posters is not appropriate.” — GGG 2022

----

I'm not 'Sarno' on Discord. I don't know who that is.
Question remains: Why was there no "new location" notification?
It can't be a *password problem* when there have been many hack threads in a short time and the same person is selling stolen items, and because the stand-alone and Steam clients were hacked (meaning it's not a targetable *e-mail hack* when Steam has 2FA). Obviously these are not helping programs like Overwolf, because different people used different programs or did not use them at all but were still hacked.
Hacker is still online and has currently listed about 500 items on trade, still adding more items every minute. Yesterday he even had a temporalis listed.

My Steam login history updated for the correct day now - as expected nobody logged into my Steam.
I only made the standalone account for launch day (I expected the Steam queue to be late) but due to the server issues on launch, I never played PoE via standalone (only got into the first queue.. and received a code email for it :) ) or accessed the trade site. The standalone-link was only 2 weeks old. My email is also not on the haveIbeenPwned-List.
Last edited by nfb04#2789 on Dec 29, 2024, 2:48:15 AM
Same, have only been playing via Steam. No new login location. So it can't be through Steam.
"
nfb04#2789 wrote:
Hacker is still online and has currently listed about 500 items on trade, still adding more items every minute. Yesterday he even had a temporalis listed.

My Steam login history updated for the correct day now - as expected nobody logged into my Steam.
I only made the standalone account for launch day (I expected the Steam queue to be late) but due to the server issues on launch, I never played PoE via standalone (only got into the first queue.. and received a code email for it :) ) or accessed the trade site. The standalone-link was only 2 weeks old. My email is also not on the haveIbeenPwned-List.

Can you DM me his name?
"
Dkodr#6088 wrote:
Can those who got compromised verify if they used a unique secure password for their poe account? Something they never used anywhere else and hard to guess, at least 8 characters long. There is an argument made that the reason ppl get hacked is the use of weak passwords that are included in so-called dictionary attacks.
One can also check if the email used has been compromised here:

https://haveibeenpwned.com/

It can give an indicator of whether it was used as an entry point or not.

Passwords can also be checked here:

https://haveibeenpwned.com/Passwords

Both email and password came up with 0 pwns or w.e, it was green.
I use a 32 combo of numbers, letters and symbols.
