Tulex
Solar Wizard
Sorry, didn't catch that the name matched. Guess the way you said this is the user, my brain assumed it was different.The username there matches the username here. Guessing the account was compromised (most likely scenario).
Sorry, didn't catch that the name matched. Guess the way you said this is the user, my brain assumed it was different.The username there matches the username here. Guessing the account was compromised (most likely scenario).
Yeah, I just checked my cameras. I was driving back from lunch when it happened. Maybe a pocket dial thing? Anything is possible. But me, going in and setting all settings to default is not something I would have done purposely.@millsan1 A while back, I thought my account had been hacked too, but it turns out I was trying to record a video.. I played it back, and realized I had done it myself. I suspect the likelyhood of someone hacking your account to mess with you, is pretty low. Occams razor would sugest that.. like my scenario, you likely did it without realizing it.
my best bet its either the account is compromised or the user reset to default accidently, because looking at the logs there's to many setting changed by a single user name which is the owner account. any settings that changed is being recorded except if the setting is done on the inverter screen.Sorry, didn't catch that the name matched. Guess the way you said this is the user, my brain assumed it was different.
Yeah, that is me fixing the problem.my best bet its either the account is compromised or the user reset to default accidently, because looking at the logs there's to many setting changed by a single user name which is the owner account. any settings that changed is being recorded except if the setting is done on the inverter screen.
Are you sure you should be posting details from people's logs like this? I would not be happy if you did that to me that's for sure.my best bet its either the account is compromised or the user reset to default accidently, because looking at the logs there's to many setting changed by a single user name which is the owner account. any settings that changed is being recorded except if the setting is done on the inverter screen.
I'm not sure why would be bad it just a history logs of setting, there's no sensitive information in my opinion.Are you sure you should be posting details from people's logs like this? I would not be happy if you did that to me that's for sure.
besides my serial number and station name?I'm not sure why would be bad it just a history logs of setting, there's no sensitive information in my opinion.
you posted your serial number here. and its useless to anyone unless you have a super admin account with luxpower or EG4.
Serial number not a privacy concern to anything or any device other than how inner systems operate and what employees have access to from there.besides my serial number and station name?
he already has app / web access on that list so he's using multiple devices to reset his settings. Assuming it's all under the same IP it'd be easierIf the system logs IPs obviously that could be confirmed with the OP via PM.
But again this is a common thing with password reuse (not saying that happened as I have no clue about millsan1s "opsec").
Serial number not a privacy concern to anything or any device other than how inner systems operate and what employees have access to from there.
E.g. certain ISP employees can identify you via device serials
similar with the IMEI / IMSI numbers of a phone. Anyone with those numbers can uniquely track your device globally but they need access to the systems in the first place.. And that type of access they could be doing that tracking already regardless.
Anyway if these were unique keys they'd be random generated strings, not anything close sequential numbers like serials are.
*cough except for social security lmao
he already has app / web access on that list so he's using multiple devices to reset his settings. Assuming it's all under the same IP it'd be easier
but yea I agree, a list of all sessions and their IPs is easiest method to see what is logged in. Sessions list being far superior.
Google, netflix, facebook and some other places usually make that available and let you see whom currently has an unexpired session key and can login.
In order to access accounts in many online systems you don't need username or password at all, you just need a valid key. This is why browser addons are dangerous as they can just steal that. Hence the heavy crack down on them last several years.
What do you mean by physical?Yeah but those session attacks need "physical" (obviously could happen without being physically there) access and in this case it's simply trying to track down whodunnit and an IP would generally be sufficient as most attacks aren't going to originate from legit sources but mostly from datacenter blocks that are known to not care who runs what (I love those, they are my most favorite thing in the world when one of our users does the bad thing).
yep password managers are good, I definitely wouldn't trust an online one thoughLastpass is my friend - a bazzilion passwords - not one the same and none less than 12 characters unless the stupid webste won't allow complex and longer.
Serial number not a privacy concern to anything or any device other than how inner systems operate and what employees have access to from there.
E.g. certain ISP employees can identify you via device serials
similar with the IMEI / IMSI numbers of a phone. Anyone with those numbers can uniquely track your device globally but they need access to the systems in the first place.. And that type of access they could be doing that tracking already regardless.
Anyway if these were unique keys they'd be random generated strings, not anything close sequential numbers like serials are.
*cough except for social security lmao
he already has app / web access on that list so he's using multiple devices to reset his settings. Assuming it's all under the same IP it'd be easier
but yea I agree, a list of all sessions and their IPs is easiest method to see what is logged in. Sessions list being far superior.
Google, netflix, facebook and some other places usually make that available and let you see whom currently has an unexpired session key and can login.
In order to access accounts in many online systems you don't need username or password at all, you just need a valid key. This is why browser addons are dangerous as they can just steal that. Hence the heavy crack down on them last several years.