A user that was on the top 20 in the posts leaderboard mysteriously disappeared. I will reveal the truth right now. Someone got into his account and submitted a support ticket to have his everything on the Mineplex forums deleted. If I remember correctly, they have had about 500 posts or so. I would be pretty mad if someone hacked into my account and deleted it without my permission as that throws away all the work I put into it. Enough of that, let's jump right into how to protect your Mineplex forums account from being hacked or used with authorization. 1. Enable the 2-step verification process: This adds two more lines of defense from hackers. Other than just your email and password, your account security is upgraded with the verification code and email confirmation process. The verification code works like many other logins. This ensures that you are not a robot as they cannot use a cellular device. The email confirmation requires you to confirm via login email every time you log in from a new IP address. You must go to your email you log in to that account with and confirm it is you logging in. When someone just happens to guess your password (already very unlikely), they will need to have access to that email too, which is close to zero. 2. Have a rather long password than variety: In the world we live in today, people do not just blatantly guess passwords with the human mind anymore. There are such things like brute force hacker attacks that uses a computer to guess passwords for them. Those programs can generate up to billions of different password combinations per second, how common does your password feel now? For every new character you add to your password, the amount of combinations grows exponentially. There are over 100 different characters and if your password just contains several, it will not take very long, if not, instantly for those machines to guess it. Use online password generators to generate them for you, save it somewhere personal and copy and paste it when you log in. If your password takes over a qudrillion years to guess, you are safe. 3. Avoid using common passwords: Passwords like "password," "12345," or "abc" are all too breachable. Whenever you create a password, it gets saved to the website's database hashed through an algorithm as usually SHA1, MD5, or MD6, never as plain text. A hashed passwords is very long with a combination of lowercase letters and numbers. Every possible password combination of characters has a specific hashed version that represents it. Hackers use a device called rainbow tables that store all the common passwords with their hashed and plain text form. They would then use a website (unapproved link, sorry) to convert the hashed password into plain text. 4. Protect your computer: If your computer is wireless or does not use any antivirus software and is used not just by you, your email address and password is completely at risk.Using wireless isn't the safest form of using the Internet, as it can be hacked by people using network sniffers. If you have no other choice, make sure you have a WPA key on your wireless Internet connection. You can change or add one by going into Connections -> Your Wireless Network -> Wireless Map -> Your Router -> Properties -> Device Webpage. Then click Wireless Security Settings and then "WEP/WPA Key". Personally, I use both, Avast and Kaspersky as an antivirus to guard my computer. Hackers can create viruses that track everything you type, send it over, and they will eventually guess your login information. 5. Do not save passwords by any means: Someone can physically still get into your account without having to know neither you username/email or password. If you already have it saved for them, all they have to do is click "login." This would then give them full access and freedom of what they can do with your account, just like someone from the internet hacking into it. 6. Use secure shells when sending messages: Everyone should at least know what a VPN is. If you do not, the following is not for you to read. SSH stands for secure shell, which is a protocol for tunneling TCP connections. VPN is used widely for connecting to all kinds of ports, while SSH is more for remote connections. As far as I know, you can only setup SSH on your desktop, which is why it is more secure. The secure shell forwards any traffic from your computer and tunnels it through a random TCP. As you can see, this is similar to a VPN, but more tedious to setup. Why it is more secure than a VPN, though, I am not sure. I can just assure it is. PGP stands for pretty good privacy, and involves a public key that you and your recipient have, and a private key that only you have. This is really just for messages, or any type of data communication. Let's use an example with the names Noob and Scrub. Assuming they both have PGP software, Scrub creates a public and private key, and gives his public key to Noob. Noob would encrypt messages with this public key, making it unreadable to anyone intercepting the message. it would then be sent, and scrub would decrypt the message using his private key. And if scrub wanted to send a message back, the process would be flipped, and scrub would have to create a public an private key, and only give his public key to noob. It is a very tedious and confusing process at first, so I would only use it if you really can't afford to have certain messages read. Although, if you want to do this with every message, that is on you, and you will get used to it. 7. Stay away from sketchy links: Always question links sent to you, as you can very easily get your IP grabbed from a simple website. People who do this often use a basic website name, like the Mineplex website, and change it just slightly to the point where you wouldn’t really notice and click without thinking. Example: Mineplex.net. This isn’t a real website that will grab your IP, but just an example of what can happen. 8. Never reveal your password or authentication under ANY circumstance: This is rare and usually happens to 2 kinds of people: young, or people who have problems like not getting shards. someone can ask you your authenticator number and password. This can happen in DMs on Discord. Discord responds immediately so it is more likely on that. Say they will give something like free gems or shards, or free chests (if this was not in a Giveaway). Do not fall for this as you are then giving full access to your account. Account security should be taken seriously. Those who have gained unauthorized access to your account may do whatever they want with it and it probably would not be something you wished for. Because everyone else thinks it is you, they can do anything embarrassing with your account so that you get crap for it, not them. There are many other terrible things hackers can do with your account, like we saw recently.