LiveJournal Announcement: Keeping Your Journal Safe

LiveJournal logo

Image via Wikipedia

LiveJournal recently has sent an email with tips to keep our accounts safe. As tips would equally helpful to protect all our online accounts, I am publishing the email here.

Recently some journals and communities have been broken into, their contents deleted, and their owners locked out. We want to explain how this can happen and give you some steps you can take to help prevent this from happening to your journal or community.
First of all, we would like to dispel the rumor that these break-ins have something to do with the accounts that have recently been friending large numbers of users (sometimes called friending bots). We do not believe these are related. The problem appears to stem from Hotmail's policy of recycling inactive email addresses.
The recent break-ins resulted from hijackers finding and accessing lapsed Hotmail accounts that were used with LiveJournal accounts and publicly displayed on Profile pages in the past. You should be aware that Hotmail recycles email addresses that haven't been used in more than a year. If you validated a Hotmail address for your journal and displayed it publicly in the past, but then let the address lapse, someone who finds and re-registers that address can use it to obtain control of the journal.
Managing Your Email Addresses
The best thing you can do to keep your account safe is to keep your password secure and make sure that you're in control of all the email addresses you have used with your account. We have added a Manage Email Addresses feature that allows you to delete email addresses that are no longer active. If you have been using your current validated email address for at least six months, you can delete all the other addresses associated with your account. If you validated your current email address less than six months ago, you must wait until you've been using it for six months to delete all the other addresses.

The checkboxes will be active if you can delete the address. You can manage your email addresses here.
Keeping Your Community Safe
To keep a community safe, you should remove all inactive maintainers. Make sure that the users listed as maintainers are actively maintaining the community. If any maintainer is no longer part of the community, don't leave them as community maintainers, even for sentimental reasons.
Using the Secret Question and Protecting Your Password
A great way to protect your password is to use the secret question. If you forget your password but no longer have access to the email you used to create your account, the secret question helps us verify that it's really you requesting your password. The secret question is only used when you forget your password or email; you don't need to answer the question when you just want to change your password or email. You can choose from a list of questions or you can create your own. We advise creating your own. The best questions, of course, have answers known only to you, so make sure you haven't inadvertently given away the answer somewhere, like talking about your first pet or where you went to high school on your journal. Another strategy is to make the answer to your secret question completely unrelated to the question. You can set your secret question here.
Even if no one has broken into your account, it's always a good idea to change your password periodically. Going through all the steps in this FAQ from time to time can save you a lot of trouble down the road. And it doesn't hurt to take a peek at your login history now and then, just to make sure it matches your actual activity.
Look Before You Click
Another aspect of the recent community hijackings is the planting of malicious links. Once the hijackers have gained control of a maintainer's email address and used it to remove all the other maintainers, they have been posting entries that may contain links to viruses and malware. Always practice safe clicking. Don't click on anything—even if it's posted by a friend—without hovering your mouse over the link and checking the status bar to make sure that what you're clicking is for real. You should also run any and all spyware/malware/antivirus programs on a regular basis. A basic Google search will turn up a number of free programs that you can use to protect your computer.

Reblog this post [with Zemanta]

0 comments:

Post a Comment

All comments are moderated. Please post no spam

Disclaimer & Privacy Policies

(c) Mrs. Ruby Christy. This site and contents are owned by Mrs. Ruby Christy;
Use of this website and/or services offered by us indicates your acceptance of our Disclaimer& Privacy Policies.

Information and opinions provided on this website (www.investchips.com) has been independently obtained from sources believed to be reliable. However, such information may include inaccuracies, errors or omissions. Investchips.com and its affiliates, information providers or content providers and R.John Christy and his Family shall have no liability to you or third parties for the accuracy, completeness, timeliness or correct sequencing of information available on this website or feeds, or for any decision made or action taken by you in reliance upon such information, or for the delay or interruption of such information. Investchips.com,its affiliates, information providers ,content providers and R. John Christy and his Family shall have no liability for investment decisions or other actions taken or made by you based on the information provided on this website. Any action you choose to take in the markets is totally your own responsibility. Investchips.com and R. John Christy and his Family will not be liable for any, direct or indirect, consequential or incidental damages or loss arising out of the use of this information. This information is neither an offer to sell nor solicitation to buy any of the securities mentioned herein. Opinions expressed by R. John Christy are his own and not of his past, present and future employers.
The DoubleClick DART cookie is used by Google in the ads served on this websites displaying AdSense for content ads. When users visit this website and either view or click on an ad, a cookie may be dropped on that end user's browser.
  • Google, as a third party vendor, uses cookies to serve ads on this site.
  • Google's use of the DART cookie enables it to serve ads to your users based on their visit to this site and other sites on the Internet.
  • Users may opt out of the use of the DART cookie by visiting the Google ad and content network privacy policy.
  • www.investchips.com never collects any personal information of visitors.