Jump to content

MyEset account taken over


NewbyUser
 Share

Go to solution Solved by Nightowl,

Recommended Posts

  • ESET Insiders

Got an alert about a device from Venezuela logging in, now my password no longer works. How do I regain control?

Link to comment
Share on other sites

  • ESET Insiders

Gotta say putting licensing details in something so easily taken over is a bad idea. If it was detected to be a strange login why would it be allowed? Come on Eset. Do better. Geez 

Link to comment
Share on other sites

  • ESET Insiders

Now I get the obvious email about my license being overused, couldn't have seen that coming lol.  Not impressed with Eset at the moment. I started a support ticket right after I was locked out. #00240573

Link to comment
Share on other sites

  • ESET Insiders

I believe I recovered the account. But there aren’t any devices that I don’t recognize. Not sure what happened. 

 

 

348CA520-9A8F-48A7-BA9E-26444A51B5CB.png

Edited by NewbyUser
Link to comment
Share on other sites

  • Most Valued Members
  • Solution

Reset passwords for everything related to your ESET account , including your email address , just to make sure you are not compromised in another places.

Link to comment
Share on other sites

  • Administrators

If you have re-used the password from these services, someone else could easily log into your my.eset.com account:

image.png

As already suggested above, reset your password to a unique one that is not easy to guess and that you don't use for login elsewhere.

Link to comment
Share on other sites

  • Most Valued Members

Hopefully 2FA will be soon. I have mentioned previously this will keep happening

Link to comment
Share on other sites

  • Administrators
6 minutes ago, peteyt said:

Hopefully 2FA will be soon. I have mentioned previously this will keep happening

This will help security-aware users who will enable it. However, these users usually don't recycle the password for accounts at various web services.

Link to comment
Share on other sites

  • ESET Insiders
1 hour ago, peteyt said:

Hopefully 2FA will be soon. I have mentioned previously this will keep happening

Yes, that would help. I have 2FA enabled where it is available for the most part. Fortunately the email account tied to myeest account is one of them.

Link to comment
Share on other sites

  • ESET Insiders
6 hours ago, Marcos said:

If you have re-used the password from these services, someone else could easily log into your my.eset.com account:

image.png

As already suggested above, reset your password to a unique one that is not easy to guess and that you don't use for login elsewhere.

Done. Yes I goofed, but so did eset by allowing a signin that was detected as being suspicious to begin with. Also 2FA should be implemented by now, it's allegedly been on the to do list for 6 months now  almost to the day.

 

Link to comment
Share on other sites

  • Most Valued Members
6 hours ago, NewbyUser said:

Done. Yes I goofed, but so did eset by allowing a signin that was detected as being suspicious to begin with. Also 2FA should be implemented by now, it's allegedly been on the to do list for 6 months now  almost to the day.

 

 

10 hours ago, Marcos said:

This will help security-aware users who will enable it. However, these users usually don't recycle the password for accounts at various web services.

 

6 hours ago, NewbyUser said:

Done. Yes I goofed, but so did eset by allowing a signin that was detected as being suspicious to begin with. Also 2FA should be implemented by now, it's allegedly been on the to do list for 6 months now  almost to the day.

 

I agree that those not security aware will probably not enable it in general. However with 2FA at least Eset would be doing their part. I suppose it's like saying don't open dodgy emails, people do but Eset has protections. I also find it strange that I'm sure I've seen it recommended to have 2FA enabled on posts on welivesecurity which is ran by Eset, yet eset is not using it itself.

Link to comment
Share on other sites

  • ESET Moderators

Well 2FA is on the list of features to implement and we want to have it available there, but as many others so a prioritization plays the role here.

Peter

 

Link to comment
Share on other sites

  • ESET Insiders
On 9/8/2021 at 4:21 PM, peteyt said:

 I also find it strange that I'm sure I've seen it recommended to have 2FA enabled on posts on welivesecurity which is ran by Eset, yet eset is not using it itself.

Stranger yet, they even have their own 2FA, for business users.

https://www.eset.com/my/business/two-factor-authentication/

Link to comment
Share on other sites

The type of 2FA I want is the same as my bank provides and it does not require a smart phone to use.

When I log onto my bank web site, it requires me to select which phone number I have registered with them to receive a text message from them that contains a 6 digit security code. I can also receive a voice call containing the code instead. They then send me the code to my "vintage" non-smart phone. I then enter the code on the web page and the logon to the full bank web site proceeds. 

Note the 2FA elements deployed. The first is valid user id and password. The second is a one-time use served up security code.

Edited by itman
Link to comment
Share on other sites

  • ESET Insiders
4 minutes ago, itman said:

The type of 2FA I want is the same as my bank provides and it does not require a smart phone to use.

When I log onto my bank web site, it requires me to select which phone number I have registered with them to receive a text message from them that contains a 6 digit security code. They then send me the code to my "vintage" non-smart phone. I then enter the code on the web page and the logon to the full bank web site proceeds. 

Note the 2FA elements deployed. The first is valid user id and password. The second is a one-time use served up security code.

Totally agree. I'm more shocked you have a "vintage" non-smart phone lol.

Link to comment
Share on other sites

  • ESET Insiders
1 minute ago, itman said:

Costs me $5 a month, that's why.

Like with real buttons? No screen? Didn't know they made any like that these days.

Link to comment
Share on other sites

Just now, NewbyUser said:

Like with real buttons? No screen? Didn't know they made any like that these days.

When I stated "vintage" I meant I purchased phone in 2003. It still works fine. It does have a browser but forget using it.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

 Share

  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...