my HDBITS account was attacked and stolen

[Bowing]

It doesnt really matter what you have used special char etc or how long your password lenght... if you got what i mean.

That's not true at all, though the risk is somewhat negated since most trackers only give you a few login attempts before banning your IP.

Any of your passwords should be over 8 characters, contain upper/lower case and numbers, if not special characters, and shouldn't be a dictionary word.

In this case it wouldn't matter because he probably got keylogged, but it's still not a bad idea.

 

[sza]

i had almost the same experience with my waffles account so dont says something you dont know
the hacker logged into my account and i dunno how because i had a realy strong password (made by recover pass from waffles) , and he changed the password and then he tired to change the mail but for this he need to confirme it from the old mail (i used gmail) ; so in that time i got in my inbox gmail the mail from waffles...and i tired to log into my account but its too late the pass alredy chaned, so i decided to recover and surprise the email is not found on the date base
i have not confrimed the changement of the mail and he is not enter to my gmail account (and the mail to confrime is still unread)...
just to tell you a good hacker can get easly your account , trackers security is a joke for him, actualy i got back my account, thx to waffles staff

That just means your security fails. Not the tracker's. No one, I guarantee you, no one can "hack" your account. It just isn't worth the effort.

A hacker that has the wits to hack the database and find your password, would rather just simply add an entry about himself. That's that. What you're suggesting is insane, you're suggesting a hacker bypassed tracker email change security, which could have simply been a bug, or the wrong way that waffles' code handles such outgoing emails by sending an email and disabling it from the database straight off.

I've been in the passwords/trackers business for quite a while, and I've only heard of one friend's account hacked, and that's simply because he gave the password out to people. Simply as that, no questions asked. He might have as well gotten keylogged (which could have happened in your case), but then again that's his fault, not the tracker's.

 

[nightwalker21492]

In future, learn how to use Hijack, IceSword, Comodo with defense+, Sandboxie and limited accounts on machine.
This problem wont happen again if you learn a few things.

 

[Gina_star]

That just means your security fails. Not the tracker's. No one, I guarantee you, no one can "hack" your account. It just isn't worth the effort.

A hacker that has the wits to hack the database and find your password, would rather just simply add an entry about himself. That's that. What you're suggesting is insane, you're suggesting a hacker bypassed tracker email change security, which could have simply been a bug, or the wrong way that waffles' code handles such outgoing emails by sending an email and disabling it from the database straight off.

I've been in the passwords/trackers business for quite a while, and I've only heard of one friend's account hacked, and that's simply because he gave the password out to people. Simply as that, no questions asked. He might have as well gotten keylogged (which could have happened in your case), but then again that's his fault, not the tracker's.

maybe you are right , but you have to know i used password like : iotpLaXEyO , and i dont type it since i use firefox so its registred in my firefox (maybe he got it from here) , if so why he didnt get other more higher and interssting trackers and i use kaspersky IS 2010 full update so maybe i have to change it now ...
also what about the mail? i didnt confirmed the changement of mail and the mail is changed to his mail?!

 

[Staciebabyy]

Did you gain your accunt back? Did you find any mod on the IRC?

Hope everythig worked out ok for you

 

[Strawberry-Dalu:*]

In future, learn how to use Hijack, IceSword, Comodo with defense+, Sandboxie and limited accounts on machine.
This problem wont happen again if you learn a few things.

Don't forget common sense. Shady executables that do "nothing" when run are often up to no good, even if your antivirus doesn't cry.

Fortunately, I keep all my tracker passwords in a KeePass database. You could also use the on-screen keyboard to type them if you suspect the computer may be keylogged.