I use 2-factor authentication on my google account -- when I log in on a new computer, it sends a code to my phone to confirm that it's me.

I was just sitting at my desk, about to go to bed, when unprompted, I receive a text message with one of these google verification codes. That means that someone has entered my user-name and password into the google login box!

Of course, I immediately opened up my account page and set a new password... and sure enough, my "Account activity" info says:

Last sign-in countries
Australia, Netherlands

I live in Australia, so someone in the Netherlands has gotten my password!

It was a 12 character password, made up of dictionary words and numbers, so it's guessable, but not easily.

I try not to use the same log-in details on different services usually... but my StarCraft 2 login details were this email address and this password, and (encrypted) SC2 user-data was stolen recently. When that hack occurred, I did change my SC2 password, but I didn't change my google password... so I guess it's possible that someone decoded the SC2 database and recovered my email/password from it, and tried to use them to log in to google, which would've worked...

Besides making sure that I don't have any other services where I use that password (and that email as the username), what else should I be doing? Have there been any other high-profile game database hacks recently that I could point the finger at? Anyone have any recommendations for good malware scanners that I should run to be sure my own PC isn't to blame?

weird, i literally got an email from gmail about suspicious activity yesterday, i changed my password, but it said it was from china.

i didn't realize blizzard's accounts were hacked=-\.

One idea is to prefix, infix or append every password with an identifier synthesised from the site. For example, if your password is "topsecret", the starcraft password might be sctopsecret and your gmail password would be gmtopsecret. This means that such password dumps will be extremely unlikely to affect you, as every password is unique. Most such attacks are automated, so it is unlikely that the attacker will account for even such a simple transformation. Well, until a large percentage of the starcraft passwords start with "sc" I guess...

This is particularly handy when you have too many logins to worry about them all. I have a couple of critical accounts that I value, which get their own passwords, but most of the other accounts I happen to create get one of a set of passwords, along with such "personalisation". I don't even follow these services closely enough to hear about breaches, so it is nice to feel that little bit more secure, even if I don't care too much about the individual services I wouldn't like them all to be hacked. It also hopefully puts you outside the low hanging fruit in the event of immediate exploitation of a breach that you aren't aware of yet.

I had this happen me before while I was at work, but there was no odd location/IP address. While I cannot discount a potential hack by a co-worker, I don't think this is likely. My work and personal passwords have no overlap. I chalked it up to a bug on Google's side, but I changed my password all the same.

My website was hacked this week. A javascript was injected into every single page. The site is hosted by Yahoo, and my theory is that someone somehow got my password. I changed the password and replaced all infected pages from backup.

Anyway,if there would be a keylogger or something,it would just show up on the process list in task manager.

How would someone recognize a malicious process? Its creator could simply create an innocuous name and description.

Password wise i'm using what i think is a good (but not perfect) solution.

For each service (and even subservice, anywhere where a different password is allowed) i use a guid or a substantial part of a guid.

I store the list of guids in an excel file on a file sync service, whose account is also GUID protected.

Means i need to open & copy paste each time i need to relog on a website, and doesn't prevent from hacking, but DOES prevent from having all your accounts corrupted on all websites when one gets corrupted as a GUID is not going to be guessable from another GUID.

or use a root kit revealer like sysinternals did