Account Security Tips/FAQ

Discussion in 'Server Announcements' started by ypperin, Jul 20, 2019.

Thread Status:
Not open for further replies.
  1. ypperin

    ypperin Community Manager
    Administrator

    Joined:
    Feb 10, 2015
    Messages:
    21,512
    Likes Received:
    1,173
    Planet:
    Jungle
    Greetings Cosmonauts!
    I have received numerous messages from people who are asking for information on how to better keep their accounts safe.

    Here are some friendly tips from an Admin that will help you :)
    • Passwords
      • Do not reuse passwords (make sure anywhere you log in is different)
        • Your forums password should not be the same as your minecraft or twitch or twitter passwords for example
      • Do not use real words (keep the passwords random numbers letters and characters)
      • Passwords should be a minimum of 8+ random numbers letters and characters
        • This means use upper case and lowercase letters as well as numbers and characters like * or @
        • If you're worried about remembering your password you can use a password manager like LastPass it's free and available on your computer and mobile device
      • Change your passwords after some time
        • Cosmic has implemented password expiration on the forums to help you remember this and to help you keep your account secure :)
    • /2fa (2 Factor Authentication or 2 Step Verification)
      • Cosmic will be implementing an upgrade to their /2fa in the next short bit.
      • /2fa should be active wherever you can such as:
        • Minecraft servers that offer it (like all Cosmic Servers and other large MC servers)
        • Forums
        • Your email providers
        • Your social media accounts (twitch, twitter, instagram)
        • Online providers that deal with any money (like paypal or online banking)
    • Do not share your account information
    • Do not share your logs
    • Do not allow people to "test screen sharing" you

    I'll be in the teamspeak for the next little bit if you have questions about the above tips and tricks! Feel free to join if you need an app suggestion or the like :)

    Some Questions I have been asked over the last 24 hrs:

    Was the Cosmic Client affected?

    The developers have double checked and assured me that CosmicClient.com was not affected. The unauthorized access was able to access the server support for the CosmicClient (the part that let's you roam for example). This is different and separate from CosmicClient.com and the CosmicClient you use and we do not have any concerns about anyone using the CosmicClient.

    Does the CosmicClient store our minecraft account information?
    Absolutely not.
    None of your login information is stored centrally by Cosmic. Cosmic doesn't even store session keys.

    Should I change my account information?
    I can understand feeling a bit nervous and there's no harm in changing your minecraft/2fa/forums account information if it will make you feel better. I personally do this every few weeks just because I'm very cautious.


    As a community, this incident is a good opportunity to reassess our individual security practices and ensure we use all the tools at our disposal to keep our information and accounts safe online.
     
    #1
    • Agree Agree x 1
  2. BlueBerryCow

    BlueBerryCow Member
    Orchid Knight Hydra Voidwalker Scorcher Archmage -= Tropico + =- -= Scorcher + =- -= Guardian + =- Glacier Demonlord

    Joined:
    Jul 20, 2015
    Messages:
    339
    Likes Received:
    12
    IGN:
    blueberrycow
    Planet:
    demon
    Faction:
    cactusclan
  3. Feelgoodcharlie

    Feelgoodcharlie Active Member
    Journeyman King Phantom Pilot Tropico Pyro Pirate Rosy Guardian Beastslayer -= Hero + =- Freezer Glacier Dragon

    Joined:
    Apr 23, 2016
    Messages:
    820
    Likes Received:
    39
    IGN:
    DavidPlayzz
    Planet:
    Dungeon
    Faction:
    Ravens
  4. Majorblake

    Majorblake Moderator
    Moderator <= Beta Tester => Orchid King Knight Tropico Shard Scorcher -= Guardian + =- Hatchling Ghoul

    Joined:
    Oct 18, 2015
    Messages:
    1,815
    Likes Received:
    50
    IGN:
    Majorblake
    Planet:
    Spirit
  5. ZonumGaming

    ZonumGaming Member
    Orchid Hydra Witcher Warlock Vault-Tec Pyro Hero Pirate Shard Sandstormer Amazon -= Guardian + =-

    Joined:
    Sep 12, 2015
    Messages:
    95
    Likes Received:
    2
    IGN:
    Zonum_
    Planet:
    Spirit
    Faction:
    Homicide
    I’m doing the Nae Nae rn
     
    #5
  6. Donwee8

    Donwee8 Well-Known Member
    Survivor Sprite Tropico Apprentice Dragon

    Joined:
    Apr 29, 2017
    Messages:
    5,554
    Likes Received:
    64
    IGN:
    donwee88
  7. Endrker

    Endrker Member
    Mist Mage -= Guardian + =- Heartless

    Joined:
    Dec 11, 2018
    Messages:
    44
    Likes Received:
    0
    IGN:
    Endrker
    Planet:
    Spirit
    Faction:
    TrapNation
    is it necessary to change it for your main / alts tho? @ypperin
     
    #7
  8. ItzChuck

    ItzChuck Cosmic Client v2.0 Beta Tester
    <= Beta Tester => Mist Pilot Hero Guardian Acolyte Archmage -= Tropico + =- -= Scorcher + =- Executioner Ghoul Dragon Daisy

    Joined:
    Jun 12, 2016
    Messages:
    7,059
    Likes Received:
    208
    IGN:
    FreeHunna
    Planet:
    Lava
    Faction:
    5atanic
    Someone said in the last post about this that some users unencrypted IP addresses were possibly leaked from this breach. Will you notify the people who had there IP address leaked to change it because it’s kinda annoying for some people to do
     
    #8
  9. N8Dude

    N8Dude Well-Known Member
    Merchant Mercenary Journeyman Squire Spectre Specialist Private Pixie Seedling Shard Scout Basilisk Ash -= Tropico + =- Buccaneer Explorer

    Joined:
    May 22, 2016
    Messages:
    3,981
    Likes Received:
    130
    IGN:
    N8Vapes
    Planet:
    Jungle
    Faction:
    Exeo
    Do we need to change our 2fa and or account? Also could this happen again or run any risk? What are the fines for this person?...
    @ypperin
     
    #9
  10. 0ef

    0ef Member

    Joined:
    Dec 24, 2016
    Messages:
    159
    Likes Received:
    3
    IGN:
    0ef
    Planet:
    Spirit
    Faction:
    StormBlade
    Watch out for da kids that are talking about getting plug ins from logs as well, be safe. :)
     
    #10
  11. ypperin

    ypperin Community Manager
    Administrator

    Joined:
    Feb 10, 2015
    Messages:
    21,512
    Likes Received:
    1,173
    Planet:
    Jungle
    I've always said if you're uncomfortable with something you can change it. IGN's are not related to email addresses or the like (and we are not mojang so we'd not able to necessarily affiliate the two).

    We are not mojang. With regards to CosmicClient.com, none of your login information is stored centrally by Cosmic. Cosmic doesn't even store session keys and your login information from the vanilla launcher would not be forwarded to us either. That said, if you'd feel better resetting it you're more than welcome to.

    If you wish to reset your /2fa simply run /2fa remove from the hub, then wait a minute / relog and rerun /2fa and follow the steps to add it to your 2fa application (Authy)
     
    #11
  12. Loxtech

    Loxtech Cosmic Client v2.0 Beta Tester
    <= Beta Tester => Mercenary King QuarterMaster Pleb Archmage -= Tropico + =- -= Scorcher + =- -= Hero + =- -= Guardian + =- -= Glacier + =- Freezer Dragon Daisy

    Joined:
    Feb 20, 2017
    Messages:
    3,088
    Likes Received:
    68
    IGN:
    Loxtech
    Planet:
    Sovereign
    Faction:
    Epic
    Ahhhhh welp, it happens
     
    #12
  13. Nyanasaur

    Nyanasaur Active Member
    Mist -= Scorcher + =- Demonlord

    Joined:
    Jun 23, 2015
    Messages:
    1,518
    Likes Received:
    16
    IGN:
    Nyanasaur
    Planet:
    Demon
    Faction:
    Mythic
  14. N8Dude

    N8Dude Well-Known Member
    Merchant Mercenary Journeyman Squire Spectre Specialist Private Pixie Seedling Shard Scout Basilisk Ash -= Tropico + =- Buccaneer Explorer

    Joined:
    May 22, 2016
    Messages:
    3,981
    Likes Received:
    130
    IGN:
    N8Vapes
    Planet:
    Jungle
    Faction:
    Exeo
    I saw the "/2fa upgrade" in the hub. IG we needed to re do the 2fa. thanks for the easy way of redoing it w 2fa upgrade
     
    #14
  15. LordRashawn

    LordRashawn New Member
    Hero

    Joined:
    Apr 30, 2016
    Messages:
    2
    Likes Received:
    0
    I broke the device i had my 2fa on and have no idea where the password thing went its been nearly 2 years is there anyway to get it re done
     
    #15
  16. LordRashawn

    LordRashawn New Member
    Hero

    Joined:
    Apr 30, 2016
    Messages:
    2
    Likes Received:
    0
    If anything i can prove its me however u need me to idk just would like to play again
     
    #16
  17. ypperin

    ypperin Community Manager
    Administrator

    Joined:
    Feb 10, 2015
    Messages:
    21,512
    Likes Received:
    1,173
    Planet:
    Jungle
    #17
  18. Dark_Wolf06091

    Dark_Wolf06091 New Member

    Joined:
    Jun 25, 2019
    Messages:
    4
    Likes Received:
    0
    IGN:
    Dark_Wolf06091
  19. commanderjosh

    commanderjosh Member
    Mercenary Lavamob Vine Pixie Shard -= Captain + =- -= Hero + =- Fiend Ember Daisy

    Joined:
    Apr 13, 2016
    Messages:
    219
    Likes Received:
    6
    IGN:
    Jinxity
    Planet:
    Dungeon
    Faction:
    Lemons
    FOOK IT I LIVE ON THE EDGE
     
    #19
Thread Status:
Not open for further replies.

Share This Page