It seems that you're using an outdated browser. Some things may not work as they should (or don't work at all).
We suggest you upgrade newer and better browser like: Chrome, Firefox, Internet Explorer or Opera

×
Community
General discussionMy account was hacked! - Suggestion(48 posts)(48 posts)
(48 posts)
Pages:
1
2
3
4
This is my favourite topic
Posted June 18, 2015
avatar
Huff: Didn't realize this was a known bug, not seen it in all the time Ive been here !
avatar
madth3: It doesn't happen all the time and not to all the users. As I said, it was supposed to be fixed.
:-)

Oh, and just because it has been seen before doesn't mean you should just shrug it. You can sent support a ticket about it.
Already sent, thanks
Posted June 18, 2015
avatar
madth3: It doesn't happen all the time and not to all the users. As I said, it was supposed to be fixed.
:-)

Oh, and just because it has been seen before doesn't mean you should just shrug it. You can sent support a ticket about it.
avatar
Huff: Already sent, thanks
This is happening to me too and I've now also sent in a ticket. Hopefully GOG will fix it sooner rather than later.
Posted June 19, 2015
Accounts are reported hacked and now suddenly GOG is telling me I need to log in even though I already am. It makes me uneasy.
Posted June 19, 2015
avatar
doady: Accounts are reported hacked and now suddenly GOG is telling me I need to log in even though I already am. It makes me uneasy.
Is this really coming from gog.com?
Did you inspect the requests in your browser?

Normally you are still logged in when there are the cookies.
Posted June 19, 2015
Yeah, i've been seeing this pattern of "log in" shown in the site chrome when I'm already logged in for a couple of days now. I don't know how this could be an attack vector, but I certainly haven't read through the javascript.
Posted June 19, 2015
avatar
jsjrodman: Yeah, i've been seeing this pattern of "log in" shown in the site chrome when I'm already logged in for a couple of days now. I don't know how this could be an attack vector, but I certainly haven't read through the javascript.
Just open the console and take a look at the requests.

I never had this bug here and I amusing the latest stable version of Google Chrome.
Posted June 19, 2015
Read this, not directly connected but good to know.
[url=]http://www.pcworld.com/article/2052586/microsoft-is-quietly-recycling-outlook-email-accounts.html[/url]
Posted June 19, 2015
avatar
Ciris:
I think GOG needs some sort of two factor authentication. For example if someone wants to connect from a previously unknown browser it should need confirmation. Other sites like Steam and HB have already implemented this and if they can't get into the account, they can't change the password...
Posted June 19, 2015
avatar
Ciris:
avatar
blotunga: I think GOG needs some sort of two factor authentication. For example if someone wants to connect from a previously unknown browser it should need confirmation. Other sites like Steam and HB have already implemented this and if they can't get into the account, they can't change the password...
OTP and 2FA are not so hard to deploy and integrate.
Posted June 19, 2015
I guess that this is why I keep being logged out so quickly now...

Luckily for me, I wasn't hacked, but getting logged out after about 5 minutes of inactivity makes me feel like I'm signing into Paypal or an online bank account -_-
Post edited June 19, 2015 by Shukaku
Posted June 19, 2015
high rated
avatar
cogadh: I[...]This is a great start, but the bigger problem is you guys seem to reset the password back to its original when restoring an account. If the real account owner is not sitting on their E-mail waiting for the password, the hijacker can just get right back in. You need to institute a system of resetting the password to something random instead of re-using the old password. You also need to get serious about two-factor authentication. No major site these days doesn't at least offer that as an option.
^ This.

and


avatar
madth3: This is just dumb. You should be setting a new password and sending that to the true owner.
^ This.

and better yet


avatar
DanielRuf: Sending plaintext passwords is also not good.They should provide a reset link.
^ This.
Posted June 19, 2015
I too am getting logged out constantly. I think 30 minutes may be the time limit, as I found a _utmb cookie that gets set for 30 minutes, but the cookies that are set for only a few minutes (not sure how many, maybe 3 or 5) don't seem to log me out when they expire.

This is annoying, but a bigger issue is last night I had a download going full speed, and then it just suddenly stopped at 6%. I'm wondering if maybe the site logged me out, and then that somehow killed the download?
Posted August 04, 2015
This is bs! I bought TW3 directly from the producer and now some russian kid has changed my mail and pw just because gog has no idea what security is!!! I've never had this problem with steam or origin.
Posted August 05, 2015
Could anyone help? My ticket number is V2KLRSM6
Posted August 07, 2015
avatar
b3rs: This is bs! I bought TW3 directly from the producer and now some russian kid has changed my mail and pw just because gog has no idea what security is!!! I've never had this problem with steam or origin.
Did you use some weak or same password somewhere else?
Pages:
1
2
3
4
This is my favourite topic
Community
General discussionMy account was hacked! - Suggestion(48 posts)(48 posts)
(48 posts)