[NTLK] (no subject) -hmmm who ate the subject?

[Dan]

Hmmm, you know it makes me wonder if they manged to guess your password
recovery questions.  Personally I NEVER actually give real answers
there.  It is another long string of nonsense characters.  It is funny
(not really) when you think about it...many people now will use a long
password but password recovery questions that people might be able to
guess (especially if they know you).

I doubt that is true in Ed's case.  My bet would be the phone,
especially if it didn't use a secure connection while logging in and
someone managed to "sniff" that.  If I recall you can log into yahoo
with either http or https.  Some apps still use http by default.
Malware might be culprit but unless you have either a used phone or have
been loading unknown apps in the past 3 days...I suspect the connection
wasn't secure when you logged in and someone sniffed the wireless
traffic to either get your password OR the token/cookie.

-Dan

On 6/18/2012 1:50 PM, Ed Kummel wrote:
> It really is embarrassing...I don't know how they did it...All my passwords are 16 random character passwords. So someone had to work really hard to get into my account. 
> 
> Either that, or my recently acquired Android phone (about 3 days ago) acquired some malware that captured my Yahoo login. Yahoo says that someone logged into my account from Croatia using the web site...Um...I've never been to Croatia, and isn't Croatia a known hacking haven?
> Anyways, I have changed my password to 24 random characters and changed my questions to outright lies so nobody can guess them!
> We'll see...I have not logged into my Yahoo account from my Android phone yet, and all is still OK. I'm a little gun shy though right now.
> 
> Ed
> web/gadget guru