password requests
Tue Oct 03, 2006 4:05 am
I've been getting a lot of password requests sent to my e-mail address lately (I just had two in the past 3 hours) -- they started happening just after I won the random contest, and have been intermittent, but steadily increasing in frequency. Is there anything you can do about this? Would TNT freeze accounts associated with an IP address just for requesting someone else's password (especially if I'm obviously in Atlanta, and the phisher were somewhere in say, Australia)? Would reporting now help me get my account back if eventually they succeeded in hacking my e-mail and getting my Neopets password?
It's really frustrating for me because when I signed up, you didn't have to worry about having the same username as your e-mail (yes, it's a hotmail account and my primary account) -- it was just easier to have everything the same. But now there are insane people who would try to hack into someone's e-mail account just to steal a few (million) NP... If they're willing to go to such lengths for a game, what else will they steal once they're in there? I've tried to change my e-mail address, but it bounced back, and they won't let me try resending it, even after I tried adding them to my safe list (I sent a bug report about this, but no reply so far). I'm not getting a third e-mail account just for Neopets.
Besides, the real concern is that someone is actively trying to hack into my e-mail account just to retrieve my Neopets password (assuming they guessed it's the same and it's hotmail). Even if I change the e-mail associated with my account, the thief won't know that -- they'll still be trying to hack my primary e-mail account. I wish TNT would allow a one-time username change option for old accounts to comply with current security suggestions (since changing e-mail addresses will protect the Neopets password, but nothing else in that e-mail account). It'd take some work for them, but given the atmosphere in their community, you'd think they'd value their long-time consumers' security.
If anyone has any suggestions, I'd appreciate it. For now, I just keep deleting the passwords as soon as I see them. I don't want to create a new account and transfer everything over -- I have both lab maps and several trophies and avatars I worked hard for. I'm reasonably sure they can't just guess my e-mail password (it's strong), but an automatic program could eventually figure it out, I'm sure...
It's really frustrating for me because when I signed up, you didn't have to worry about having the same username as your e-mail (yes, it's a hotmail account and my primary account) -- it was just easier to have everything the same. But now there are insane people who would try to hack into someone's e-mail account just to steal a few (million) NP... If they're willing to go to such lengths for a game, what else will they steal once they're in there? I've tried to change my e-mail address, but it bounced back, and they won't let me try resending it, even after I tried adding them to my safe list (I sent a bug report about this, but no reply so far). I'm not getting a third e-mail account just for Neopets.
Besides, the real concern is that someone is actively trying to hack into my e-mail account just to retrieve my Neopets password (assuming they guessed it's the same and it's hotmail). Even if I change the e-mail associated with my account, the thief won't know that -- they'll still be trying to hack my primary e-mail account. I wish TNT would allow a one-time username change option for old accounts to comply with current security suggestions (since changing e-mail addresses will protect the Neopets password, but nothing else in that e-mail account). It'd take some work for them, but given the atmosphere in their community, you'd think they'd value their long-time consumers' security.
If anyone has any suggestions, I'd appreciate it. For now, I just keep deleting the passwords as soon as I see them. I don't want to create a new account and transfer everything over -- I have both lab maps and several trophies and avatars I worked hard for. I'm reasonably sure they can't just guess my e-mail password (it's strong), but an automatic program could eventually figure it out, I'm sure...
Tue Oct 03, 2006 5:19 am
Most password requests are accidental. A person has a username close to yours and think they are trying to access thier account. No worries though. They will not be able to see your e-mail address or anything else. All the info goes to you.
It can be alarming, but there is actually no harm done. I don't think TNT would freeze or even look suspiciously at such an accident.
If somebody is doing it on purpose to 'be funny', that is pretty harmless as well. If it truly bothers you, send off a message to TNT saying that you did not rmake the password requests.
It can be alarming, but there is actually no harm done. I don't think TNT would freeze or even look suspiciously at such an accident.
If somebody is doing it on purpose to 'be funny', that is pretty harmless as well. If it truly bothers you, send off a message to TNT saying that you did not rmake the password requests.
Tue Oct 03, 2006 6:02 am
Been there...done that...if TNT got worked up about that I'd have had trouble long ago. Unless your email corresponds to a pet/account you have, nobody's going to even know it unless you tell them - and they can't 'hack' your email unless they know what it is 
. Try being on a HS table and seeing how many you get ( and in how many languages!)!
. Try being on a HS table and seeing how many you get ( and in how many languages!)!
Tue Oct 03, 2006 7:00 am
Sometimes other players do that intentionally, just to be mean or to scare you. Don't worry... Just make sure your HotMail email account has a very strong password. Be sure to use a combination of letters, numbers, and keyboard characters.
Tue Oct 03, 2006 7:16 am
Oh, and it's smart to use different original passwords for e-mail and neopets.
Tue Oct 03, 2006 10:09 am
Unless that hotmail email address is your main, you might want to seriously consider getting a more secure email. Hotmail is notoriously easy to hack into and, if you don't log in for over 3 months or so, they'll give your username to someone else.
Wed Oct 04, 2006 8:12 pm
Thanks, everyone. My hotmail account password is very strong -- I guess I won't worry about it. It is indeed my main (has been for about six years), so I'm not about to switch over to something else. I check it almost daily, so I don't think I'm at risk of losing it b/c of the 3-month thing anytime soon.
I guess I just freaked out b/c I've heard of people's accounts being stolen through a PW request to their hotmail accounts -- but in those cases people were IM'ing with the thief, who (I think) cookie-grabbed their MSN PW, then sent a PW request to neo. But I don't IM with anyone other than family, so I guess I'm safe. Thanks for the reassurances. Sorry my thanks are a little tardy -- my DSL stopped working yesterday, just in time for the new plot!
I have to wait for my apt. people to try to fix the line before I can let the phone company try... I just better get it back by this weekend!
I guess I just freaked out b/c I've heard of people's accounts being stolen through a PW request to their hotmail accounts -- but in those cases people were IM'ing with the thief, who (I think) cookie-grabbed their MSN PW, then sent a PW request to neo. But I don't IM with anyone other than family, so I guess I'm safe. Thanks for the reassurances. Sorry my thanks are a little tardy -- my DSL stopped working yesterday, just in time for the new plot!
I have to wait for my apt. people to try to fix the line before I can let the phone company try... I just better get it back by this weekend!
Thu Oct 05, 2006 2:41 pm
Also, don't forget to change passwords regularly and be very careful in visiting sites that people refer you to.
Fri Oct 06, 2006 8:17 pm
That happens to me on a weekly basis -- if you have a strong pet, a well named pet, won an award, have expensive lots up on trading post, anything that attracts attention, someone will try to crack your account.
Looking at my inbox now, I can say "Neopets Lost Password" in 5 languages
Don't worry about it. As long as your password isn't 'puppy" or "princess" or "britneyspears" your account will be fine.
Looking at my inbox now, I can say "Neopets Lost Password" in 5 languages
Don't worry about it. As long as your password isn't 'puppy" or "princess" or "britneyspears" your account will be fine.