It seems these days that the tragic tales of stolen Xbox Live accounts are becoming more and more frequent. To keep things in perspective, the actual percentage of people who get their accounts hacked is really quite low, minuscule even when you consider Xbox Live has approximately ten million subscribers. However in this day and age you simply can’t be too safe. I stumbled upon some great tips offered by Anton P. Nym (a Master Forum Ninja on Bungie.net) that lists several excellent suggestions for keeping your Xbox Live account secure. Maybe you will learn something new, maybe it will simply be a much needed refresher. Whatever the case, it’s definitely worth your time to make sure you are doing all of these things to actively protect your gaming account and its related financial information.
- Use a private e-mail address, one that the general public doesn’t know and that you don’t use for MSN/AIM/GoogleTalk/etc, for your LiveID.
There are a plethora of free e-mail services you can choose from these days, all offering a variety of services and features. Top free email services include Gmail, AOL Mail, Global Mail Exchange, Yahoo! Mail, and Inbox.com. Do some research, pick one that works for you, and get yourself a new e-mail account. When your registration is complete, update your Windows LiveID e-mail account information by signing in, selecting Settings from the left sidebar, then choosing E-mail address.
- Tie in an e-mail address you check regularly as a secondary address for your LiveID, so you’ll spot any weirdness like password change requests going on right away.
To do this, first sign in to your Windows Live ID account. After signing in you will be taken to your account summary page. There will be a link to click to add an Alternate e-mail address. Since your account now has a secondary e-mail account associated with it (assuming you completed the first step), enter your main e-mail account that you regularly check as your alternate address.
- Do NOT use easily-guessed answers to Password Recovery “hints” questions. And yes, it’s not hard to look up stuff like the name of your first pet or your favorite teacher in the days of Facebook. (And even if you do delete that information before using it, the Wayback Machine website might still list it.) If you do use one of these questions, LIE in some way that’s not easily guessed but that you’ll still remember.
Your Windows Live ID account will allow you to specify your secret question to make resetting your password more convenient.
1. Sign in to your account (you will then be at your Account Summary page).
2. Right above where you added an alternate e-mail address, there will be the word Question. Click Add or Change.
3. You will then be prompted to enter your password.
4. Select a question from the question list (you have six different options to choose from).
5. In the Secret answer box, enter your answer of choice.
6. Complete the Your Information section (you will either be double checking information you have already entered or updating your current information).
7. Save your updated changes.
- Don’t use words commonly found in the dictionary for your password.
Microsoft has several helpful hints to assist you in creating a strong password.
1. Make it lengthy. They recommend having it at least eight characters in length, preferably 14 characters or more.
2. Combine letters, numbers, and symbols. Use the entire keyboard, not just the most common characters.
3. Use words and phrases that are easy for you to remember, but difficult for others to guess.
Check the strength of your password at Password checker, a program the does not “collect, store, or transmit information beyond the computer that you use to access Password Checker”.
- Change your password every now and then.
How do you know if you need to change your password? Check its strength. If it doesn’t pass as strong or higher, it’s time to change it. Other circumstances where you need to immediately change your password are if you told it to anybody else or if you have ever written it down anywhere. Can’t remember the last time you changed it? Now’s a good of time as any to create a new one.
- After going through all the above, for Forerunners’ sakes DON’T SHARE ANY OF THE ABOVE ADDRESSES/PASSWORDS WITH ANYBODY.
Microsoft has more hints on keeping your password secret.
1. Don’t reveal your password to others. That means friends, family, and especially people offering to level up your account. Don’t do it. Besides being against Xbox Live’s Terms of Use, the risks involved (with a credit card being tied to your account) simply aren’t worth it.
2. Never give out your password over e-mail or based on an e-mail request. Unfortunately phishing scams and fraudulent e-mails are incredibly common these days. Educate yourself so you can instantly recognize them.
3. Do not type passwords on computers that you do not control.
Now go make sure your Xbox Live account is safe and sound. You can game when you are done.
*Tips taken from Anton P. Nym with his permission.
Good advice, for certain, but it really is sad that we should have to be so careful with our XBL accounts.
*shudders*
It really is sad that gamers have to protect themselves from other gamers. Thanks for helping to spread the advice, bs angel!
Hacking Xbox Live Accounts is really nothing short of pathetic. I heard some kid who won the ‘all-coveted’ (by everyone except me apparently) Recon Armor straight from Bungie themselves got his account stolen just so the thief could *ahem* “haz recon”. Really just sad.
Apparently the “Recon theft” has happened more than once through social engineering. It is sad though, and it makes me wonder how they think they will get away with it.
Bungie doles out recon for people they think deserve it, it can be turned on and off very quickly. So if an account is hacked all they need to do is turn it off until the original owner gets a new account (or the original back) and then they can turn it on again. It seems like a big waste of time and energy if you ask me.
Whats worse is that there are not stricter security measures for people who call in to the XBL help line, with personal and financial information, it should more like a bank than a help desk. But thats just my opinion.
I think it wasn’t the best idea for Bungie to publish the names of those who got Recon in the past, as that blatently made those accounts a target for hacking, but it seems that they are not publishing a list of names for the Recon winners in the Grifball playlist, which is good news for the winners.
I am happy to see they have stopped posting the gamertags as well. It definitely puts a target on their back unfortunately.
I wrote this over the weekend and actually changed all my passwords everywhere and just updated my information in general. I was surprised that I didn’t have a secondary email address associated with my Windows LiveID nor did I even have a security question selected. Definitely worth a few minutes to just pop into your account and check the status of things.
Yes.
You can also change your Windows Live ID email by clicking here:
http://support.microsoft.com/gp/Messenger
and then click “change sign in”
Found that out yesterday!
I had a guy send me a voice message the other day offering to get me an XBL account with Halo 3 ranked up to General in exchange for my account. Needless to say I deleted the message. XBL needs a “report user for phishing”.
I just had my account stolen by A guy who has stolen over 30 accounts his main accounts are as follows BIF TOXSIC, I TOXSIC I, BIF XPECTZ, BIF Chaotic, xjoe the 13ossx, these are all the same guy and are all stolen accounts that he has not paid for.. nobody has done anything about it and he keeps doing it proudly and with no care for other peoples money… why dont you write a story about that and real ways to keep it away from him this article sucks and is of no help non of this helped and he took it effortlessly…..
I’m sorry to hear your account has been stolen. You are completely right, this article is not a foul proof guide, simply some basic tips. I do hope you get your acount back.
I really hate hackers… as name implies xD, anyway, these tips do help… and here’s another one, don’t save your password either, because my account was hacked, and it was because of someone actually looking into my history, and looking for the saved password option, YES it is true, so DO NOT SAVE YOUR PASSWORD!!!!
[...] Here are some tips to protect you in the future. http://hawtymcbloggy.com/2008/03/19/prot…; [...]