GoFuckYourself.com - Adult Webmaster Forum - View Single Post - Stolen Passwords How To Find Them and Prevent Them

Femjoy Michael · 11-06-2013, 05:19 AM

I saw this thread:
https://gfy.com/showthread.php?p=19861288

and was rather surprised by the responses. If you run a paysite, it's important to prevent stolen accounts and password abuse. Bandwidth isn't as expensive, but server load can be deadlier. Paying customers want a site that loads fast and downloads faster.

The basic solution is to purchase specialized software or program your own to detect stolen accounts and block them. Strongbox https://www.bettercgi.com/strongbox/ is often recommended.

But what if you are just starting out and can't afford $269? Or you want more specific details? Or you do have a password solution but it isn't online yet and you need information NOW? I'll show you what I did on Femjoy / Joymii to detect stolen accounts. I've shared this with other program owners and I invite you to share your methods so we can all learn.

1. Install Google Analytics and Track Your Member Pages
I'm constantly surprised how many program owners do not track their members area. You should do it now. You get really useful insight into your member behavior. Once we did, something was obviously amiss. We had 15X the number of uniques per day, as we had members. For most paysites, your daily traffic should be 1/3 to 1/2 of your total member count.

2. Check Out Your Referrals.
There are two places:
Real-Time -> Overview -> Top Referrals.
Take this route instead of "traffic sources" because you can see the full urls of where the incoming traffic is from. You can see the exact pages where stolen passwords and logins are posted.

and

Acquisition -> All Referrals
Go here to catch the rest or the ones the previous days. Referrals with low bounce rates means working passes.

If at this point you can't afford strongbox or your solution isn't ready yet, you can easily catch 95% of the stolen accounts by manually finding them in this manner, and shutting them down. Most are reposts from the bigger forums so taking down the ones posted on the big sites usually does the trick.

When you first start doing this, you'll only find a couple of accounts. Taking them down gives you breathing room for days. But then the number of stolen accounts start increasing. If you are a medium size site, as you take down the stolen accounts, the hackers get more aggressive and post new accounts more frequently, to the point manually doing this requires checking at regular intervals during your day. That's inefficient. So do this:

3. Get Strongbox or Similar Solution
Get it. It's one of your best investments. You'll earn back the costs within a day if you are small-medium.

4. Google your site/domain
Open an incognito window/private window in your browser. Go to google and do a search of your site name and domain. If any pages with stolen passes for your site shows up within the first 2 pages of results, DMCA google immediately. Repeat the process for more refinement using "sitename.com passes", "sitename.com passwords", or something to that effect.

Here's what our member area traffic looked like before and after:

Finally, here are some of the big password sharing sites/forums

http://porn-w.org
http://dixvi.com
http://crackingforum.com
http://passlot.com
http://mygully.com
http://bugmenot.com

There is one other site, but I forgot the address because it uses "ganuurl.com" as the referral/redirect. I'll update this list once I remember. Pretty much taking down your stuff from these sites will do the trick, and any that show up as pastebin or similar.

SteveLightspeed had a comprehensive list from last year
https://gfy.com/showthread.php?t=1066323
but you don't have to go through them everyday. The most efficient way is to check where the majority of your traffic is coming from in analytics.

Best of luck

11-06-2013, 05:19 AM
Femjoy Michael Confirmed User Industry Role: Join Date: Sep 2012 Posts: 171	Stolen Passwords How To Find Them and Prevent Them I saw this thread: https://gfy.com/showthread.php?p=19861288 and was rather surprised by the responses. If you run a paysite, it's important to prevent stolen accounts and password abuse. Bandwidth isn't as expensive, but server load can be deadlier. Paying customers want a site that loads fast and downloads faster. The basic solution is to purchase specialized software or program your own to detect stolen accounts and block them. Strongbox https://www.bettercgi.com/strongbox/ is often recommended. But what if you are just starting out and can't afford $269? Or you want more specific details? Or you do have a password solution but it isn't online yet and you need information NOW? I'll show you what I did on Femjoy / Joymii to detect stolen accounts. I've shared this with other program owners and I invite you to share your methods so we can all learn. 1. Install Google Analytics and Track Your Member Pages I'm constantly surprised how many program owners do not track their members area. You should do it now. You get really useful insight into your member behavior. Once we did, something was obviously amiss. We had 15X the number of uniques per day, as we had members. For most paysites, your daily traffic should be 1/3 to 1/2 of your total member count. 2. Check Out Your Referrals. There are two places: Real-Time -> Overview -> Top Referrals. Take this route instead of "traffic sources" because you can see the full urls of where the incoming traffic is from. You can see the exact pages where stolen passwords and logins are posted. and Acquisition -> All Referrals Go here to catch the rest or the ones the previous days. Referrals with low bounce rates means working passes. If at this point you can't afford strongbox or your solution isn't ready yet, you can easily catch 95% of the stolen accounts by manually finding them in this manner, and shutting them down. Most are reposts from the bigger forums so taking down the ones posted on the big sites usually does the trick. When you first start doing this, you'll only find a couple of accounts. Taking them down gives you breathing room for days. But then the number of stolen accounts start increasing. If you are a medium size site, as you take down the stolen accounts, the hackers get more aggressive and post new accounts more frequently, to the point manually doing this requires checking at regular intervals during your day. That's inefficient. So do this: 3. Get Strongbox or Similar Solution Get it. It's one of your best investments. You'll earn back the costs within a day if you are small-medium. 4. Google your site/domain Open an incognito window/private window in your browser. Go to google and do a search of your site name and domain. If any pages with stolen passes for your site shows up within the first 2 pages of results, DMCA google immediately. Repeat the process for more refinement using "sitename.com passes", "sitename.com passwords", or something to that effect. Here's what our member area traffic looked like before and after: Finally, here are some of the big password sharing sites/forums http://porn-w.org http://dixvi.com http://crackingforum.com http://passlot.com http://mygully.com http://bugmenot.com There is one other site, but I forgot the address because it uses "ganuurl.com" as the referral/redirect. I'll update this list once I remember. Pretty much taking down your stuff from these sites will do the trick, and any that show up as pastebin or similar. SteveLightspeed had a comprehensive list from last year https://gfy.com/showthread.php?t=1066323 but you don't have to go through them everyday. The most efficient way is to check where the majority of your traffic is coming from in analytics. Best of luck