Skip to main content

Protect Your Online Life - Prevent Blog Loss

We've been seeing a few queries recently, in Blogger Help Forum: Get Help with an Issue, suggesting very subtle account attacks going on.

Some reports are about accounts locked (and blogs temporarily offline), because of "suspicious" / "unusual" activity. Other reports are sadder - and mention blogs now owned by another person. When we're able to identify the new blog owner, too many look like intentional hackers.

Temporarily offline - or permanently stolen - both are stories that you do not want to tell. Fortunately, both stories can be prevented.

If you know the risks, and you can protect yourself and your Blogger account, you can be simply irritated by the ongoing hacking attempts.

I, personally, am no stranger to semi successful hacking. This blog has been taken offline twice, since Blogger / Google started their hacking mitigation program ("suspicious" / "unusual" account activity detection).

Once the activity takes place, and is detected, your account will be locked, and your blogs taken offline - though you may not see the two conditions as connected. However, if you protect yourself, you can treat an attack as a mere nuisance.

Consider what details are used, by Google, in requesting backup authentication.

When Google requests additional identity details, after you have successfully provided your account name / email address, and your password, they will ask for demographic details such as:
  • Any passwords that you have used previously.
  • What services (such as GMail, Google+, YouTube) have you used - and when did you first use them.
  • How recently did you use a given service.
They appear to request these details randomly, in an effort to keep the hackers guessing.

Observing that these details are sometimes requested, it would make sense to have a 2 part policy.
  1. Don't reveal these details, about yourself, online.
  2. Take a few hours, whenever you have time - research, and record these details so you will have them when they are useful.

If you travel frequently - or if your Internet service makes you appear to move around your immediate neighbourhood - you may need these details sooner than you would expect.

If your Internet service changes, giving you a new email address - or if you change jobs, graduate from school, move and have different / new Internet service - prepare for the change. The first time you login, after a change, have the details needed, where they can be conveniently retrieved.


You may see this notice - even when you did nothing wrong - if your account is disabled for "suspicious" / "unusual" activity. Google code can be fickle, at times.

Here's hoping that you don't suffer from high blood pressure or chronic indigestion.



Google 2-Step Verification is a better way to protect yourself.

Google 2-Step Verification uses any of several options.
  • A physical USB key, registered by you before trouble starts.
  • Backup, one use authentication codes, retrieved by you before trouble starts.
  • An authentication code generator, installed on your smartphone / tablet, registered by you before trouble starts.
Note the requirement "before trouble starts". After you get the "Your account is now locked" advice, and see your blogs now offline, it may be too late.

I, personally, see the "suspicious" / "unusual" activity notice - or receive "Please provide additional proof of identity" - several times yearly. Using my USB key, inserted into the computer, and tapping the button, I am generally back online within minutes.

If you're lucky, you may need neither additional details, or 2-Step.

Not everybody will need either proof of identity. I suspect a large proportion of the world population will go through life without ever seeing the "suspicious" / "unusual" account activity warning.

And if I convince you to do any or all of this, you never need to do it - and you come to me in 5 years and call me a wanker or worse, for wasting your time - I'll smile and at least know that you are not one of the people in the forum.
My blog is offline and I had to spend time figuring when I setup my GMail and YouTube accounts!
or
Help me! My blog is missing from my dashboard - and it's throwing spam at my readers!
I really prefer being called a wanker (or worse).

---

Some Blogger blog owners are reporting new instances of "suspicious" / "unusual" account activity - some successfully executed, and blogs stolen. The sad part is that much of this can be avoided, by advance owner action.

Researching backup authentication details, and / or use of Google 2-Step Verification, can allow the owner of an attacked Blogger account to growl, and respond - and possibly have the account and blog(s) back online in minutes or hours. But the work has to be done before trouble starts.

Comments

So, is there a way to put that 2-step into place with an existing blog? A way to turn just my regular logging in, into a 2-step log in? Yes, I could seek the answers to this elsewhere, but you're just so darned smart at these things!
Chuck Croll said…
Hi Penniwig,

Google 2-Step is an option that you add to any Blogger / Google account, from the "My Account" page.

Check out the current 3 options offered.

http://blogging.nitecruzr.net/2013/06/use-google-2-step-verification-to.html
Thank you! I will go to the link!

Popular posts from this blog

Custom Domain Migration - Managing The Traffic

Your blog depends upon traffic for its success.

Anything that affects the traffic to your blog, such as any change in the URL, affects the success of your blog. Publishing the blog to a custom domain, like renaming the blog, will affect traffic to your blog. The effects of the change will vary from blog to blog, because of the different traffic to every different blog.Followers. People who find your blog because of recommendations by other people.Search engines. Robotic processes which methodically surf your blog, and provide dynamic indexing to people who search for information.Subscribers. People who read your content from their newsfeed reader, such as the dashboard Reading List.Viewers. People who read your content from their browser.No two blogs are the same - and no two blogs will have the same combinations of traffic sources.

Stats Components Are Significant, In Their Own Context

One popular Stats related accessory, which displays pageview information to the public, is the "Popular Posts" gadget.

Popular Posts identifies from 1 to 10 of the most popular posts in the blog, by comparing Stats pageview counts. Optional parts of the display of each post are a snippet of text, and an ever popular thumbnail photo.

Like many Stats features, blog owners have found imaginative uses for "Popular Posts" - and overlook the limitations of the gadget. Both the dynamic nature of Stats, and the timing of the various pageview count recalculations, create confusion, when Popular Posts is examined.