use the following search parameters to narrow your results:
e.g. sub:pics site:imgur.com dog
sub:pics site:imgur.com dog
advanced search: by author, sub...
~2 users here now
Information Security Technology sub. For resources, news, memes, and community.
Please review the rules before participating.
After Account Hacks, Twitch Streamers Take Security Into Their Own Hands
submitted 1 year ago by BackwardsCompatible from techcrunch.com
[–]sawboss 1 insightful - 1 fun1 insightful - 0 fun2 insightful - 0 fun2 insightful - 1 fun - 1 year ago (0 children)
One way to deal with this is when a streamer wants to connect their game have Twitch generate a cryptographic nonce. The player will then enter the nonce into the game client which uses that to establish the connection. The nonce should only grant limited access to the account, and certainly not the privilege of changing the player's Twitch password. In this way the game client only has access to limited portions of the account during each session.
[–]AschTheConjurer 1 insightful - 1 fun1 insightful - 0 fun2 insightful - 0 fun2 insightful - 1 fun - 1 year ago (1 child)
I was curious as to why I got an email about my defunct twitch account being logged in.
Does OP have a link to the original story about the hacks?
[–]BackwardsCompatible[S] 1 insightful - 1 fun1 insightful - 0 fun2 insightful - 0 fun2 insightful - 1 fun - 1 year ago (0 children)
It's basically account stuffing. A large chunk of the stolen information came from the Town of Salem breach. Attackers used that login information on twitch and other platforms to get access.
To check if your email was comprised anywhere.
Let me know if this is what you are looking for.