这是一个创建于 2557 天前的主题,其中的信息可能已经有所发展或是发生改变。
看到邮件才知道。。
Hey est!
A third-party OAuth Application (FastHub) with gist, ntifications, read:org, repo, and user scopes was recently authorized to access your account.
Visit https://github.com/settings/connections/applications/98387d50437fdf43d9da for more information.
To see this and other security events for your account, visit https://github.com/settings/security
If you run into problems, please contact support by visiting https://github.com/contact
Thanks,
Your friends at GitHub
第二封邮件:
Hey est!
An email address ([email protected]) was added to your account. Visit https://github.com/settings/emails to review email addresses currently associated with your account.
To see this and other security events for your account, visit https://github.com/settings/security
If you run into problems, please contact support by visiting https://github.com/contact
Thanks,
Your friends at GitHub
第三封:
Hey est!
An email address () was removed from your account. Visit https://github.com/settings/emails to review email addresses currently associated with your account.
To see this and other security events for your account, visit https://github.com/settings/security
If you run into problems, please contact support by visiting https://github.com/contact
Thanks,
Your friends at GitHub
以前一直不重视 github 帐号安全。。。。谁会这么无聊去盗 github ?
万万没想到,还真有。。。。
但是这个被盗的姿势我没看懂。。第三方 OAuth 是如何做到全自动加到我的帐号里去的?我没有授权点击过。上网都是最新版 chrome。
不过没有设 2FA 的确是我的失误。平时 github 也就去 issue 观光为主没啥特别的用处。
所以这里也跟大家提个醒。。。。。有 2FA 的还是上 2FA 吧。。不要像我这样。。
Hey est!
A third-party OAuth Application (FastHub) with gist, ntifications, read:org, repo, and user scopes was recently authorized to access your account.
Visit https://github.com/settings/connections/applications/98387d50437fdf43d9da for more information.
To see this and other security events for your account, visit https://github.com/settings/security
If you run into problems, please contact support by visiting https://github.com/contact
Thanks,
Your friends at GitHub
第二封邮件:
Hey est!
An email address ([email protected]) was added to your account. Visit https://github.com/settings/emails to review email addresses currently associated with your account.
To see this and other security events for your account, visit https://github.com/settings/security
If you run into problems, please contact support by visiting https://github.com/contact
Thanks,
Your friends at GitHub
第三封:
Hey est!
An email address () was removed from your account. Visit https://github.com/settings/emails to review email addresses currently associated with your account.
To see this and other security events for your account, visit https://github.com/settings/security
If you run into problems, please contact support by visiting https://github.com/contact
Thanks,
Your friends at GitHub
以前一直不重视 github 帐号安全。。。。谁会这么无聊去盗 github ?
万万没想到,还真有。。。。
但是这个被盗的姿势我没看懂。。第三方 OAuth 是如何做到全自动加到我的帐号里去的?我没有授权点击过。上网都是最新版 chrome。
不过没有设 2FA 的确是我的失误。平时 github 也就去 issue 观光为主没啥特别的用处。
所以这里也跟大家提个醒。。。。。有 2FA 的还是上 2FA 吧。。不要像我这样。。
 | 1 mywaiting 2019 年 1 月 24 日 其实我一直不是很明白 gayhub 的修改 primary mail address 的逻辑 修改原来的 primary mail 竟然是不用发邮件链接到 primary mail 点击后才能更换的,这让我特别无法理解 |
 | 4 x86 2019 年 1 月 24 日 好奇盗这个的意义在什么? |
| 5 mywaiting /div> 2019 年 1 月 24 日 @Pastsong 从账号的唯一性和安全性依然无法理解。毕竟这可是关系到账号核心安全的最后防线 考虑到你 primary mail 被收回了 /运营商倒闭了 /密码忘记了,我依稀记得(年代太久远,现在不一定是这样的逻辑)注册 apple id/gmail/dropbox 的时候都会有一个唯一的序列号,很长的账号恢复码,有这个号码就可以恢复账号了 |
 | 6 est OP @x86 可能我的 id 比较短 https://github.com/est |
 | 7 quinoa42 2019 年 1 月 24 日 楼主密码有多少位?好奇咋被盗的 |
 | 9 CatalinaMylove 2019 年 7 月 10 日 楼主你好,我的账号也盗了,也是没有通过原 email 去验证就被删号,先是提示密码被改,再是邮箱移除,再是删号提示三封 email 提示,完了我账号就提示不存在了。 请问你有解决吗?? |
| 10 est OP @CatalinaMylove 找客服。 |
Select Language