So it was the birdsite. I didn't even know I had a birdsite account, must have gotten it years ago. Anywho someone got access and tried to hackmyshiz. So if you have a birdsite account and it's linked to Gmail, yeah. You might not want to do that. Use proton mail or a different address. Change over to a different mail account before changing your passwords n such. Use a burner. Xhitter cannot be trusted at all.
I screwed up. That was a mess.
@vo1de it's time to turn on two-factor (2FA) for every account you have and have unique, long passwords or passphrases for every account. Don't reuse passwords. I recently moved off Google everything, and now use Fastmail for my email, which is cool because it let's me use unique (throwaway) masked emails for every login. It's crazy out there, don't make it easy on lazy hackers!
@bfgreen id love to. But I use voip as phone and 2fa doesn't work with that. So I'm sneaky. I'll have to check out fastmail, proton was working alright. I dig the multiple throwaways, that's a good idea.
@vo1de VoIP can be a pain for sure. 2FA via txt messaging is actually prone to attack, I switched to a Yubikey harware device for 2FA codes and the Yubikey Auth app on my laptop and mobile phone. Keeps my OTP tokens on the device, not in cloud app, and only generates when I use my Yubikey. Sounds complicated but it's not and tons of great vids on YT.