Notice: My personal stance on AI generated artwork. Retweet and share if you agree. Let us discuss, and not immediately scream bloody murder.

Now Viewing: Afraid of account hackers, and afraid changing my password. Help?
Keep it civil, do not flame or bait other users. If you notice anything illegal or inappropriate being discussed, contact an administrator or moderator.

SadSap - Group: Member - Total Posts: 6064
user_avatar
Afraid of account hackers, and afraid changing my password. Help?
Posted on: 11/21/24 12:31PM

It seems there's a lingering problem of autistic, nazi-worshipping, incel trolls hacking into people's gelbooru accounts, and then spamming bad things that soon get them banned.

So yeah, I'm a little worried about this happening to me, and I'm thinking about changing my password. But unfortunately, Gelbooru does not have password recovery features, and won't even let you tie your account to an email. I really don't want to accidentally forget my new password and end up losing this account for good.

Got any advice? Please and thanks.



Hee-Ho - Group: Member - Total Posts: 4329
user_avatar
Posted on: 11/21/24 12:38PM

Change your password. Write down if it's complex.



Pollix - Group: Member - Total Posts: 244
user_avatar
Posted on: 11/21/24 05:04PM

as far as getting the average online users attention, think Gelbooru is on the fringe. wouldn't worry about it ... too much



Maximinimal - Group: Member - Total Posts: 1094
user_avatar
Posted on: 11/21/24 09:44PM

why would you be scared for dear life? I would agree with Hee-Ho here,change as often to the point it became complex,but first,prepare a physical note or an offline note software on your PC,and stash it somewhere only you know,since the downside to gelbooru is password(s) are unguaranteed in terms of recovery,you really have to be very serious about where you save your password(s).

no one here is a self-proclaimed spirit medium who like to privy.



burner_identification - Group: Member - Total Posts: 170
user_avatar
Posted on: 11/22/24 03:15AM

SadSap said:
It seems there's a lingering problem of autistic, nazi-worshipping, incel trolls hacking into people's gelbooru accounts, and then spamming bad things that soon get them banned.

So yeah, I'm a little worried about this happening to me, and I'm thinking about changing my password. But unfortunately, Gelbooru does not have password recovery features, and won't even let you tie your account to an email. I really don't want to accidentally forget my new password and end up losing this account for good.

Got any advice? Please and thanks.


"lingering" - I know one example, where somebody thinks that maybe this is the case, with no confirmation. Do you know other examples? If not, then again you are misrepresenting and overblowing an issue. I don't think there's any real problem here.
With that said, the question about security is legit and a pet peeve of mine, so:

If you are not afraid of other people finding it and you want safety for this one thing, writing it down is a good choice, as others have said.

If you want more security that is applicable to other things as well, not just reasonably worthless horny posting, my routine is:
1, One master password I have learned, that is nowhere stored physically. Write it down in your home, if you are not confident in your ability to remember something sufficiently complex and long.
1, (alternative): If you know how to do that and you feel comfortable locking yourself to a physical device that has it (I don't), you can use a keyfile, instead of remembering anything.
2, Use an off-line password storage that you trust (preferably FOSS). I use KeePass (keepass.info/), locked with that password.
3, Keep multiple copies of your storage file, because if you loose that, that's a disaster. Since it is encrypted, it's safe to put it online. I use a free tier dropbox account to automatically sync it across my devices, and include it in my bi-weekly data backups as a last resort.

It was not in the question, but for 2FA I've been using physical security keys for 3 years now (because I don't trust anything that is on a phone), and it has been working great so far.



burner_identification - Group: Member - Total Posts: 170
user_avatar
Posted on: 11/22/24 03:28AM

...and ultimately, accept the fact that none if this is going to help you, if gelbooru itself is "hackable", i.e. they have a security slipup somewhere in the code. :)



SadSap - Group: Member - Total Posts: 6064
user_avatar
Posted on: 11/22/24 04:15AM

burner_identification said:
"lingering" - I know one example, where somebody thinks that maybe this is the case, with no confirmation. Do you know other examples? If not, then again you are misrepresenting and overblowing an issue. I don't think there's any real problem here.

Yeah, that's true. It wasn't confirmed if that one case was a hacker or not, so I might be overblowing it a tad.

Although an account laying dormant, suddenly posting nazi incel shit has happened at least 5 times before. Not a whole lot yes, but it's still a possibility.

burner_identification said:
With that said, the question about security is legit and a pet peeve of mine, so:

If you are not afraid of other people finding it and you want safety for this one thing, writing it down is a good choice, as others have said.

If you want more security that is applicable to other things as well, not just reasonably worthless horny posting, my routine is:
1, One master password I have learned, that is nowhere stored physically. Write it down in your home, if you are not confident in your ability to remember something sufficiently complex and long.
1, (alternative): If you know how to do that and you feel comfortable locking yourself to a physical device that has it (I don't), you can use a keyfile, instead of remembering anything.
2, Use an off-line password storage that you trust (preferably FOSS). I use KeePass (keepass.info/), locked with that password.
3, Keep multiple copies of your storage file, because if you loose that, that's a disaster. Since it is encrypted, it's safe to put it online. I use a free tier dropbox account to automatically sync it across my devices, and include it in my bi-weekly data backups as a last resort.

It was not in the question, but for 2FA I've been using physical security keys for 3 years now (because I don't trust anything that is on a phone), and it has been working great so far.

I'll keep some of this in mind, thanks.



Moonman - Group: Member - Total Posts: 365
user_avatar
Posted on: 11/22/24 07:50AM

I know SadSap's password



BaconMinion - Group: Member - Total Posts: 1492
user_avatar
Posted on: 11/22/24 11:27AM

Of course Moonman would know.

You cannot hide anything from Moonman.



add_replyAdd Reply


1