API tools faq
paste
Advertisement
Guest User

Untitled

a guest
Apr 25th, 2018
1,525
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 4.73 KB | None | 0 0
raw download clone embed print report
  1. Like we all noticed recently some staff accounts have been compromised. This thread isn't meant to be a bad thing or to scare you but mainly to inform you in possible ways to protect your accounts as much as possible. If after reading you still have questions or just want to ask me something feel free to message me either here or on discord.
  2.  
  3. Passwords
  4. Have a different password for each account. I know this can be very hard to remember them all but it's a lot safer. As we all know the internet isn't a very safe place and even big websites/companies sometimes have security leaks and login info leaks. Therefor it's much safer to have separate passwords for everything.
  5.  
  6. If you have a lot of different accounts and you can't remember all of them there are some tools around that can help you store them. I myself have been using https://lastpass.com/ as my password management tool. It's very easy to setup, can generate random passwords for you and fills them in automatically whenever you arrive on a known login page with a login/password stored for it. It also has a mobile version (I think paid but decent on price) and a security test that analyzes how safe your passwords are and stuff.
  7.  
  8. Password strength is also very important. Most people trying to hack accounts know what the most common thing is people do for their passwords. Small examples are replacing an o with a 0, an L or i with a ! and so on. So if you create a password that is just a word that has something important for you (own name, pets, family) combined with dates are easy to crack if needed. Since lots of this info can be found on your social media 9 out of 10 times. Taking completely random characters is much harder to guess and a lot safer.
  9.  
  10. 2-Factor authentication
  11. 2FA or 2-Factor Authentication has becoming more and more used by many big platforms and websites. It's basically a secondary authentication added to just the username/password verification that is much much harder to bypass. You have many different ways of 2FA going from just sending an email you need to verify (like steam) to sending a phone text with a verification code or phone apps like google authenticator, Authy and so on.
  12.  
  13. Here at Badlion we've implemented that last method able to be used by any member of the network. Like most of you know any red tag is required to have this setup but I highlyrecommend everyone to use this. Whenever a platform allows me to set this up I will use it. It only takes me 5 more seconds to log in but it's a lot safer as well.
  14.  
  15. If you want to enable this feature for your Badlion account click on your icon at the top right and go to your settings. In the page you arrive you'll be able to configure your 2FA and start using it. This will both be active on the website (on ip change or every 30 days) you will be required to re-enter it when you login to the website. Same counts for ingame. If you join ingame you won't be able to run any commands or switch servers until you entered your code (you will get a message if it's needed, just type the code in the game chat to unlock your account again). Having this allows your account to be unable to do any harm if it somehow does get compromised.
  16.  
  17. More detailed how to here...
  18.  
  19. Your Minecraft account
  20. If you haven't migrated your account from Minecraft to Mojang yet I suggest you to do this asap. If you still login with just your username and not your email on the launcher you're still having an old Minecraft account and not a Mojang one. If you want to migrate this go to this website to do so: https://account.mojang.com/migrate
  21.  
  22. Once you have done above also make sure to setup your security questions for your Mojang account. This are 3 questions you can select and give the answer for. Then whenever you login to Mojang and they think it's suspicious or has been a long time they will ask you to answer all three of them. Is one wrong you will not be allowed to login. Also make sure you are using an e-mail you still have access to. In case you must forget one of these questions you can ask for an e-mail to reset them.
  23.  
  24. Downloading mods and others
  25. Be careful when you download mods from the internet mainly if they are fairly unknown or new. Some of these could be doing things that they shouldn't be doing like storing your login information and sending it to the creator or grabbing your session id to attempt to login to your account. 
  26.  
  27. Has my account info ever been leaked?
  28. Like I mentioned earlier some bigger websites or platforms have had security leaks before and had user information being leaked to the public. A very good website to verify if your account was one of these is this one: https://haveibeenpwned.com/ If you find one of your accounts on this list I hardly suggest to update your passwords if you haven't done so recently.
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!