Basic things to keep our discord accounts and servers safe

in #hive-163521last year

Discord is one of the most used chatting platforms for Hive users. There are so many other gaming communities and projects that are dependent on Discord. One of the biggest problems we have with Discord is that there are several bad actors who can hack the system and do some stupid things. A few days back Leofinance discord server had a similar incident where one of the admin accounts was hacked and the hacker pushed bots to take complete control of the server.

I would say that for any application, hacking is possible. Any bad actor can try and destroy any application if there are loose ends and we cannot build a product without any loose ends at all. I can say this without any hesitation being a developer. People say that there are systems that are very powerful but we might have seen news on how much Microsoft and other top companies are paying ethical hackers to break and penetrate their systems.

Considering the recent event that happened on Leofinance, I wanted to share some basic things on keeping the discord accounts and discord servers safe from hacks. Even if the server is compromised, there can be immediately action taken to protect the servers. Discord says that they cannot recover channels and messages once deleted. That's what happened on Leofinance Discord. The hacker introduced a bot and deleted all the channels on the server and also banned many active members of the community.

Basic login/logout/passwords

We are free to keep the security level of individual accounts high as well as low based on someone's usage. The same applies to servers as well. People can choose to keep a discord server highly secure and someone can keep it open to all with fewer restrictions. The basic thing to keep in mind is that passwords have to be strong. It is advisable to change your passwords frequently.

After the recent incident, it was also identified that login and logout can also help in gaining control of an account back if it is compromised. If an account is identified to be compromised and if someone else is in control of the account, usually logging out from all the devices and logging back in again helps in getting the account back. This technically resets the authentication tokens on the browsers and when logout and login happens, a new token is generated and the previous token loses its value. This logic applies to many web-based applications.

Two-Factor Authentication

This is the most important step for any server or any individual account. There is a setting on the server level to allow only 2FA-enabled admins to perform moderator actions. This is to prevent the server from getting affected even if the moderator's account is compromised. If an individual enables two-factor authentication, there is an additional layer of security to the users and even if their passwords are hacked, the hacker cannot penetrate further without access to the 2FA.

There have been cases where in spite of having 2FA, there is a chance that the hacker can still make use of the browser cookies to hack an account and make use of that. There are also ways to prevent this from happening and even if this happens, there are ways to get the control back.

Limited access to bots

If you are an admin of the server, make sure only a few people or only the most important person can add bots to the server. There have been cases where multiple people get admin access to a discord server and in order to experiment with new and attractive bots, they invite many bots to the server. It is not easy to keep track of all the bots and some bots are even capable of stealing all the messages on the server and preparing a complete data chart out of it.

The main server owner and a few users can have admin access to add bots to the server. I would even say that the server owner alone can have this access, this way unauthorized or harmful bots cannot enter the server without the knowledge of the discord server owner.

Saying up to date with the settings

Either be it individual or for the server, it is important to keep track of all the new settings that are getting introduced on discord security updates. Staying up to date with these settings and setting them properly helps in preventing abuse or hacking. Discord is also taking a lot of steps to improve the way the application works. But hackers are brilliant and they keep finding multiple ways to penetrate the application. Having the right server settings or individual settings should definitely prevent us from hacks.


If you like what I'm doing on Hive, you can vote me as a witness with the links below.

Vote @balaz as a Hive Witness

Vote @kanibot as a Hive Engine Witness



Sort:  

@tipu curate

Thanks for the curation. 🙂

You're absolutely right everyone using this platform uses discord pretty much the way we saw it a while back when it got hacked by hackers and it was pretty bad. We pray that the Discord of Finance will be set up soon and people can start posting updates and communicating there again.

pixresteemer_incognito_angel_mini.png
Bang, I did it again... I just rehived your post!
Week 159 of my contest just started...you can now check the winners of the previous week!
!BEER
11

Good one to educate people how to be safer in discord will reblog this
!HUG

Dear @bala41288, you just got hugged.
I sent 1.0 HUG on behalf of @caelum1infernum.
(1/3)

Really educational mate, so how's the leofinance discord server doing now?...

I guess they are slowly rebuilding the server back.


Hey @bala41288, here is a little bit of BEER from @pixresteemer for you. Enjoy it!

Did you know that <a href='https://dcity.io/cityyou can use BEER at dCity game to buy cards to rule the world.

I think a lot of people who are members of Hive are always making use of Discord as a means of communicating with each other...

Quite true. It is easy to communicate via discord for many people and projects.

This post has been manually curated by @bhattg from Indiaunited community. Join us on our Discord Server.

Do you know that you can earn a passive income by delegating to @indiaunited. We share more than 100 % of the curation rewards with the delegators in the form of IUC tokens. HP delegators and IUC token holders also get upto 20% additional vote weight.

Here are some handy links for delegations: 100HP, 250HP, 500HP, 1000HP.

image.png

100% of the rewards from this comment goes to the curator for their manual curation efforts. Please encourage the curator @bhattg by upvoting this comment and support the community by voting the posts made by @indiaunited..

This post received an extra 20.00% vote for delegating HP / holding IUC tokens.

Yay! 🤗
Your content has been boosted with Ecency Points, by @bala41288.
Use Ecency daily to boost your growth on platform!

Support Ecency
Vote for new Proposal
Delegate HP and earn more

Discord is one of the most used apps for every Hive lover, I think I spend most of my time checking the servers and to be very honest It is very necessary to keep our discord safe. thanks for these steps to keep our discord safe.

Yeah some people say that Discord is the first and best dApp for Hive people. 🙂

Congratulations @bala41288! You have completed the following achievement on the Hive blockchain And have been rewarded with New badge(s)

You received more than 38000 HP as payout for your posts, comments and curation.
Your next payout target is 39000 HP.
The unit is Hive Power equivalent because post and comment rewards can be split into HP and HBD

You can view your badges on your board and compare yourself to others in the Ranking
If you no longer want to receive notifications, reply to this comment with the word STOP

To support your work, I also upvoted your post!

Check out our last posts:

Our Hive Power Delegations to the May PUM Winners
Feedback from the June Hive Power Up Day
Hive Power Up Month Challenge - May 2023 Winners List