Linden Lab Official:Safeguarding your account and protecting your password

From Second Life Wiki
Revision as of 09:03, 5 October 2009 by Fritz Linden (talk | contribs) (Initial Parature import)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to navigation Jump to search
Kb-seal.png

This article is part of the Extended Second Life Knowledge Base that includes advanced and specialized information. This information was originally provided by Linden Lab, but is not actively maintained nor guaranteed to be accurate. Linden Lab does not certify nor assume any responsibility for this information.

See the official Second Life Knowledge Base for the most current information.

This article discusses the following topics:


  • Why keeping your password safe is important
  • Tips for keeping your password safe
  • Some strategies used for stealing your password
  • Password reset tips
  • What to do if you've been the victim of phishing


Protect that password!

Account security is serious business, regardless of what finds you in Second Life. If your password is free to a criminal for the asking, so is your inventory, your friends & groups, your land, your L$, and whatever unspent balance remains in the payment method on file. Never give out your password to anyone inworld -- even your friends or your partner. See section 2.3 of the Terms of Service for more information about your responsibility to select and maintain a secure password. If you need to change your password, click here.


Make sure your password is secure

Is your password strong enough? Here are some tips for creating a stronger password:


  • Using six characters or more is a good idea.
  • Use a combination of numbers and letters.
  • Add CAPITAL LETTERS and numbers.
  • Avoid common words or phrases for your password.


Do not give your password to anyone

This means friends, family, loved ones or Linden Lab employees inworld. Pets too; you never know.



KBnote.png Note: Note: No Linden Lab employee will ever ask for your password inworld. You can tell if someone is really a Linden Lab employee inworld by their last name. Did you know that all employee avatars use the last name Linden?


Do not use the same password on third-party websites that you use for your Second Life account

This is a good idea in general, but it especially applies if the site is Second-Life-related. Phishers rely on people using the same password on other sites that they use for Second Life. So if a fraudster gets your password on a third-party site or through an email, they can go right to your Second Life account.


Be careful when you access the Second Life world from a computer that is not your own

Make sure that you uncheck the Remember Password checkbox on the Second Life viewer's login screen. Do you really want the next user of that computer to have access to your Second Life account?



Don't be fooled by password-stealing tricks

Don't let anyone trick you into revealing your password. Beware of the following password-stealing scams:


"Password-protected" items

If someone gives you an object or gift that requires a password before it can be "opened," do not be fooled! Once you are inworld, you do not need to submit your password in order to gain access to any item or location. As a general rule, you should never type in your password anywhere but the login screen for the Second Life viewer or directly at secondlife.com!


Free Linden Dollars!!!!!

If you are being spammed inworld or anywhere else regarding the purchase of L$ or free L$, you're almost certainly being spammed by a fraudster.



"Phishing" Web sites

"Phishers" may aim to snatch your password by tricking you into entering your password at a Web site that looks legitimate but really isn't. If someone sends you a link to login to any site other than secondlife.com with your Second Life information, you should ignore it.


If you are suspicious of an email or a link, you should login directly to the official Second Life site by typing www.secondlife.com into your Web browser.


Avoid these "phishing" pitfalls:


  • Phishing schemes that claim you'll receive a "prize" of free Linden Dollars after logging into a trick Web site with your Second Life password.
  • Promises of free Linden Dollars or access to a "hack" or "cheat" that require Residents to give up their password. Guess who really gets cheated?
  • Emails that suggest that your account will be terminated if you do not update your billing or account information. If you are unsure about the status of your account, you can always login directly to the Second Life Web site (rather than clicking on a link within an email). If you want to report a fake email, you can forward it to security@secondlife.com.
  • Using the same Second Life password on other sites. Some online con artists rely on people doing this. So, if they get your password on a third-party site or through an email, they can go right to your Second Life account. We recommend that you never re-use your Second Life login password on any other site, especially sites about Second Life that Linden Lab does not operate.


Password reset tips

  • If you forget your password, you can reset it. Visit here to reset your password.
  • You can also change your password here. You'll need to know your security question answer and have a valid email address on the account.


What if I don't receive my email?

If you request a password change or reset, you should receive an email to the address with which you originally registered your Second Life account. If you don't receive the automated email (perhaps because the account's email address on record has also been changed), submit a support ticket using the Special Questions - Basic account or Guest Login ticket type. From the dropdowns below the Ticket Type, select Account Issues and I believe someone else has logged into my account, then fill in the required information.


What if I don't know the answer to my security question?

If you do not remember your security answer, or cannot type it exactly the way you did when registering, you will need to contact Support, preferably over the phone, to verify your identity and reset your security question. Support cannot retrieve passwords.


Tips for phishing victims

If you've been the victim of fraud, contact our fraud hotline at 800 860 6990. Then, talk about it. Post your experience to forums, blogs and chat. Tell others about who it was and how it happened.


It is unfortunately impossible to list, in real-time, every Website operating a phishing operation; many are gone before they are discovered. Basic Web and search engine optimization skills are all that are needed to create a site that appears legitimate. We therefore urge you to make every effort to know who you're dealing with, and always remember: if the offer is too good to be true, it probably is.

Retrieved from "https://wiki.secondlife.com/w/index.php?title=Linden_Lab_Official:Safeguarding_your_account_and_protecting_your_password&oldid=505612"