So my account is hacked by someone and I can't do anything. The email has been changed to some random email and the password is also changed, ao I can't raise a forgot password request. I have been logged out of my pc and currently I am writing this blog through my phone, but I don't know how much time I have left. MikeMirzayanov please help.
Okay, but what do you expect Mike Mirzayanov to do? If you need my advice then delete passwords in password manager, if you need your codeforces account connect your account with facebook and change the code.
there is no feature of forgot password, mike can implement this I guess.
https://mirror.codeforces.com/passwordRecovery
Even if I do forgot password, verification mail goes to new email
https://ibb.co/0QswsrZ
Idk man, there are many flaws. I would appreciate if Mike can keep a otp verification system in place.
die hero or maybe bye hero:(
delete and make a new account like an alt
I hope you didn't chop off your hand, whenever you got a sprain.
Why would anyone hack your account...
agree, lets hack your account
I agree
If you have been logged out of your account, how do you still have access to it through your phone, even though you mention that the password and email have been changed?
I have no clue
good point
I guess the session lasts for a month for each device from the time of login. (This is the assumption I'm making because codeforces has this "Remember for a month" check box each time you login). So he might have logged in on his phone a little later than on his PC and hence has some access time left.
Can't you change your email from here?
and then recover your password?
I dont have the new password
Make new alt id, and decrease rating of this id
And how is anyone supposed to know who is the real owner of this ID
Is hacker writing this blog or the real owner writing from phone as mentioned.
Now this question leads us to bring a change in Codeforces.
Stop changing of email id after registering as this will help retrieval of account to the real owner only.
Or is there some smarter way to know the real owner of any ID ?.
I think the admin can check whether the IP address has changed from the usual one.If it didn't change,perhaps that's only a joke or people who know him did,if not,just do the decision depend on his phones's IP address. Forgive my poor English:)
I think it's not a good idea to figure out real owner from only IP address.
Let's suppose someone borrowed a laptop from his/her friend use it for now meanwhile he/she is still logged from his/her regular system.
And someone hacks the account then it is hard to figure out which IP address is hackers IP unless we tell Mike with all real owner logged in system's IP address (which is very complex method for retrieval).
And this is just a normal situation it may be worse sometimes so I guess not changing Mail id or adding some kind of 2 factor authentication while changing mail and password must be implemented.
The person who changed the email id logged in from an ukraine ip and changed my password first, then my email address. Obviously I am the owner who is using indian ip. But anyways, I think mike should just revert the email as the new email doesn't even exist. I can't email to it.
Yeah I am not doubting you
I am just telling that some authorization must be added
How do you know this? Does Codeforces show ip addresses of recent logins somewhere in its UI? If I want to check this information for my account, what would I need to do?
You'll receive an email like this.
I think hacker want to solve some problem, Let them solve they automatically delete your account. HaaH!
Maybe you're the hacker...
ᓚᘏᗢ
How come you're still logged-in in your phone if the password is changed
Who said I will be logged out? Maybe cf doesn't log me out.
then why didn't the hacker delete this blog?
The same is happening to me aa well although i have changed my password The ip is 193.176.84.195 Please Mike Mirzayanov have a look at it