I just got a message along those lines on FTP. It gave me an option to either sign off or deny the other person, so I obviously denied and changed my password.

My password is saved on this computer (I never type it in manually), so it couldn't have been keylogged. The only other computer I have logged into FTP on was my roommates, but I used the keyboard map to type it in from there so I couldn't have been keylogged there either.

Is there anything else I should do? Is this common and I'm overreacting?

I used to get this on Party all the time when the internet would hiccup. Is it possible the internet lagged and there wa a conflict when you reconnected?

I suppose it is possible, it definitely didn't go show the reconnecting process on my screen though.

I guess I could have just reconnected like the same second as it showed me DCing. I wasn't at a table so I prolly wouldn't have noticed that I was lagging.

It could be what it is though. A password change was definitely a good idea. I remember logging on to Party on my laptop, forgetting to log off, then try logging on to
my home computer thus getting this message.

Can't be too careful, here.

what the hell a good friend of mine got the same message about 4 days ago

You might change your password from a different computer to ensure that if you did have a keylogger/trojan, that they also don't have your new password. Also, check out SnoopFree to ensure you don't have any keyloggers.

How strong is/was your password? If you have any kind of notoriety on FTP (i.e., people think you have a lot of money in your account), it's possible that somebody was launching a "dictionary attack" on your screenname--effectively trying every combination of letters until they happened to stumble across your actual password. In theory, FTP should also be on the alert for this sort of thing--too many failed attempts to log into an account should trigger some action on their part, at least sending you an email asking if there's a problem, perhaps temporarily suspending the account pending notification from you, etc.

Good passwords should include some combination of upper and lower case letters (NOT full English words), numerals, and punctuation.

QFT. People, please heed the above advice. I used to work in software design, and I was horrified at the percentage of end users who would try to set passwords to things such as their birthday, daughter's name, etc. This totally defeats the purpose of having a password in the first place.

Having a "good" password is very overrated. As long as your password isn't "password" or "123456" or some other variant, it makes almost no difference. "monkeydoodle5" is just as secure as "9WowttHq#BcL8wI!XOEaa". In fact, a good password may give users a false sense of security, i.e. "I can download anything because they'll never guess my password!"

Most important way to prevent your account being hacked is be careful with what you download and don't fall for scam emails / fake login forms.

Yeah that is stupid - I use 1234. Damn I have to change it now I told you. Mmmmm 2345. Damn again. 3456 Damn. Ok I have a new one but I wont tell you

WTF? How did you figure out my password?

Did Raymer ever say what his "weak" password was when he got hacked by someone guessing it?

My reply is a little late, but better late than never I guess.

I used the "character map" to change my password because to my knowledge this isn't trackable with keyloggers.

My password was made up of both letters and numbers and isn't a word found in the dictionary, nor anything that could really be connected to me.

On another note, doesn't the log in ignore upper and lower case letters?