16
Over the course of me being a member of the Minecraft community I have noted down couple of key points which you may or may not realize get your Minecraft account compromised. And here I am sharing them with you, so you can play protected. Some of the points may seem obvious and already heard of, but I will go into detail with them listing potential real-life examples of where or how they may occur.
1) Have a strong password.
This is pretty self-explanatory. You want to make sure you have a strong password, this will help prevent people from simply guessing your password or doing a dictionary attack on your account. A dictionary attack is basically when the "account cracker" or commonly referred to as "hacker" has a compiled list of popular or compromised passwords which he uses to check if any of them match with your account to gain access. Use as many combinations of symbols, numbers, and letters as you can including upper and lower-casing the letters in your password.
For example if your password currently is: james2005
Perhaps replace one of the zeros with the letter "O". Add couple of capitalizations and symbols to the beginning and/or end of your new password to give it a unique and transformed look: !J@mes20O5!
2. Don't use the same password everywhere.
Having a strong password is one thing, but using the same password everywhere is a huge security issue. Always keep your financial passwords such as Banking, PayPal, etc. separate from your Email or Forum passwords.
Did you ever order a Minecraft Server from a hosting company that uses the popular WHMCS client/billing management software? Chances are if you are a server owner and are using shared hosting you probably have.
By default WHMCS has email templates that most hosting providers don't configure, The "Welcome Email" which you receive when you signup contains your password in plain text for your own reference. But it can be viewed by your hosting providers administrative staff.
If your thinking "my hosting company would never do such a thing!". Don't be fooled. Majority of the hosting companies today (especially the small ones that are starting out) are ran by kids that know how to follow couple of linux based tutorials and learn how to install MultiCraft which some how gives them the sudden confidence of running a full-time full-scale business. And the rest... you know the saying: "Kids will be kids".
3. Never input a real password on servers with the Auth plugin.
Now this is more common on "cracked-servers" and is becoming popular on other servers as Two-Factor Authentication. Ever login to a server and you can't move and are required to setup a password for your username? Typically with a command like: /register <password> <confirm>
Never input your real password or anything remotely close to it. Especially if you use the same password everywhere. The server may log commands you input or may simply be storing your passwords in plain text. When I personally join these type of servers that requires authentication I don't really think much of it, and pretty much always /register Google Google as my password. Because I personally believe Two-Factor Authentication for a Minecraft account on a server is bogus. The only reason why Two-Factor Authentication should be used on a Minecraft server is only for staff, and should be available optionally for individuals who share their account with siblings.
If for some reason your still hacked or lost access to your account even following the methods above, don't worry! You can get your account back from Mojang. All you would need to do is contact the Mojang support team, claiming that you lost access to your account, submit your PayPal email, transaction ID, and any other relevant payment information. They should have it all fixed up for you.
Remember it's best to take preventative measures rather than acting when it's too late.
Have a question? Leave a Comment! Like my post? Give it a Diamond! Want more? Subscribe!
1) Have a strong password.
This is pretty self-explanatory. You want to make sure you have a strong password, this will help prevent people from simply guessing your password or doing a dictionary attack on your account. A dictionary attack is basically when the "account cracker" or commonly referred to as "hacker" has a compiled list of popular or compromised passwords which he uses to check if any of them match with your account to gain access. Use as many combinations of symbols, numbers, and letters as you can including upper and lower-casing the letters in your password.
For example if your password currently is: james2005
Perhaps replace one of the zeros with the letter "O". Add couple of capitalizations and symbols to the beginning and/or end of your new password to give it a unique and transformed look: !J@mes20O5!
2. Don't use the same password everywhere.
Having a strong password is one thing, but using the same password everywhere is a huge security issue. Always keep your financial passwords such as Banking, PayPal, etc. separate from your Email or Forum passwords.
Did you ever order a Minecraft Server from a hosting company that uses the popular WHMCS client/billing management software? Chances are if you are a server owner and are using shared hosting you probably have.
By default WHMCS has email templates that most hosting providers don't configure, The "Welcome Email" which you receive when you signup contains your password in plain text for your own reference. But it can be viewed by your hosting providers administrative staff.
If your thinking "my hosting company would never do such a thing!". Don't be fooled. Majority of the hosting companies today (especially the small ones that are starting out) are ran by kids that know how to follow couple of linux based tutorials and learn how to install MultiCraft which some how gives them the sudden confidence of running a full-time full-scale business. And the rest... you know the saying: "Kids will be kids".
3. Never input a real password on servers with the Auth plugin.
Now this is more common on "cracked-servers" and is becoming popular on other servers as Two-Factor Authentication. Ever login to a server and you can't move and are required to setup a password for your username? Typically with a command like: /register <password> <confirm>
Never input your real password or anything remotely close to it. Especially if you use the same password everywhere. The server may log commands you input or may simply be storing your passwords in plain text. When I personally join these type of servers that requires authentication I don't really think much of it, and pretty much always /register Google Google as my password. Because I personally believe Two-Factor Authentication for a Minecraft account on a server is bogus. The only reason why Two-Factor Authentication should be used on a Minecraft server is only for staff, and should be available optionally for individuals who share their account with siblings.
If for some reason your still hacked or lost access to your account even following the methods above, don't worry! You can get your account back from Mojang. All you would need to do is contact the Mojang support team, claiming that you lost access to your account, submit your PayPal email, transaction ID, and any other relevant payment information. They should have it all fixed up for you.
Remember it's best to take preventative measures rather than acting when it's too late.
Have a question? Leave a Comment! Like my post? Give it a Diamond! Want more? Subscribe!
| Tags |
tools/tracking
3061731
6
how-not-to-get-hacked-3061731
EccentricEremite
DarkwolfContent
ajthepeach
ScotsMiser
WhisperOfTheWild
portal2
![Confirmed kiruna campus locatoins [BENT] Minecraft Blog](https://static.planetminecraft.com/images/layout/missing_image.png)
GoldenScientist
Ender Sparkle
Escapazition
ShellyD
Create an account or sign in to comment.
Perhaps replace one of the zeros with the letter "O". Add couple of capitalizations and symbols to the beginning and/or end of your new password to give it a unique and transformed look: !J@mes20O5! "
One of the first thins Bruteforce does is it replaces letters with symbols that are commonly used to replace it. In my opinion, changing james2005 to !J@mes20O5! would help some, but not by an extreme amount.