How I wasn't Hacked

Alife4we

Active member
Messages
57
Reaction score
30
Points
18
I use the two factor setting on many sites. and until today, i learned how Windice has an extra security step to ensure that it is in fact you logging into your account.

I use the brave browser. Usually, i can just open my browser and i'll be logged into my account. I do this because i know nobody can get on my computer unless i leave it open. 🤦‍♀️Which almost never happens.

However last night, :sleep:i fell asleep without closing my computer. and was it not for these extra steps in security, i would have been hacked.

Luckily,:sneaky:I cleared my cookies though before going to bed so it logged me out of all my online sites.

Keep in mind, i have 2 FA on all of my sites. yet the only one that wasn't successfully accessed was Windice.

Here's why;

My Boyfriend, A trusting guy who In no way would actually take anything from me but has it in him to prove that having auto sign-in turned on and saving my passwords to google makes my accounts unsafe. (My defense; "Not when your passwords are something like this: IlITlI-lIlTIlIHlIlTIl and you can't tell if its capital i or lowercase L lol.)

Unfortunately for me, i had fallen asleep with my browser open and also my phone just happened to be on my 2 FA app. Open to be able to see all of the sites i have a 2 FA for. ( :poop:excuse: This because i was noticing my computer being slow so i cleared cookies. while waiting on cookies to clear i got extra tired and moved to my bedroom. i must have logged into my 2 FA app cause i knew i'd be needing to enter codes again when signing back into all the sites. )

🧐He told me he was able to log into my accounts. 🤓 because though i cleared cookies, i didn't clear my passwords saved. it wasn't until he came to WinDice that he was forced to leave the authentication app on my phone.

As you all know, you may enter your 2 FA only one time for most sites. However, WinDice also sends you a code to your email. and unlike other pop up notifications that show this code right away, this one requires you to actually open the email to get the code. entering this code will cause your prior 2 FA code to expire and you'll get a Bad login attempt email right after this. you'll be asked to reenter the 2 FA code. Which would require a fingerprint at this point because he left the app.

🥳He was unable to Re-open my 2FA app so the login attempts stopped right there.

He explained more of course when i woke up saying, that he was able to enter the codes to all the other sites, even Coinbase's, "security". i asked how and he said, every code that came in to email or text was visible in the pop up text, or notification bar. this meant he didn't have to leave the 2FA app to get the code to enter it on the site.

But WInDice's email was different. the code couldn't be seen in the notification so he had to leave the app to continue. Its because he had to leave the 2 FA app that he was unable to proceed into WinDice when asked to reenter the 2 FA code again.

In conclusion, If i was able to Vote for who has the most secure site, I would without question vote WinDice because its the only site that he was unable to access.


Thanks For reading🧡

-Alife4we
 

Raybrfg181

Newbie
Messages
10
Reaction score
10
Points
3
im not a security expert, so i can't give a vote of most secure site. But, i have had close to the same thing happen with my wife fooling around with my devices. Since, out of paranoia, I have disabled the pop up notifications on my mobile. Never know who can get ahold of your phone when it is missing.
 
Top