Embedded Files
If you are reading this, you may be interested in locking a balance for a period of time while either you cool off, or wait for a redeem, to stop yourself from cancelling it or playing more. Not all casinos offer measures like this and some actively seem to discourage it, so this is a method that requires no third party or friend, and is still possible to potentially recover in the case of catastrophic failure.
This is slightly more complicated if you use a google login for the casino; as you will need to do this for your whole google account, and if you need it for other things, it will not be accessible for the duration. Depending on the relative value, this may or may not be worthwhile.
I will be using MyPrize as an example as I have a password there, not google login.
First, you will need to make a burner gmail account. Use a SHA-256 tool (one is also provided below) to make some very complicated username, taking the first 30 characters, such as: 33e512bb63b9cfd4edf9c80ba337a76@gmail.com. Add this account name to your main email's address book, that way it won't get filtered accidentally later.
Hash another complicated long sentence,
(like: 'asdfgfdgbaedf;jbghd;b63b9cfd4edf9458haeasdfgfdgbaed6749f;jb4690460ghd;bhaebhfdhgrhrygfbhfdhgrhrygfj')
and hash that, getting the password for this email, which we won't be using again:
'48c10383803dea103a0a3c2f757873e3a78f004c2d39ff868d90e69133a3305b'.
They force you to pick a recovery phone, but it doesn't actually stay on the account as far as I can tell. Skip adding a recovery email. Alternatively, you can use a different service, but gmail is reliable for this. Now, keep this browser open while we change the passwords on your casino account.
You now have your payload account.
Go back to your casino account. If it's a google account, that's fine too. There are ways to recover it of course, but that's why there's a second step to getting into the email at all.
Recover the account (change the password) and now prepare a new hash.
Like before, take some random string of characters that's very long and hash it with SHA-256. However, it should still be a string we can remember is our password and not something else later.
Something like:
'meowmix69696969#^^^meowcatwowmiacat13437^'
hashes to:
'dd562d1761d878e1471fec6982f8e1133158b751e4b794cc6f65ed80f39b8621'
Start drafting an email on the throwaway account. Include that password, but not the hash. Note the date, not that you'll forget.
Schedule send the email to a later date. We can say: one week from now.
It's now scheduled to send, and it will send to your main email in one week. You can repeat this process with any other emails that you think might be too risky to have access to; and change their emails, and then schedule-send the password to yourself. Log out and close the browser, and clear the cache of incognito mode, and you no longer have access to that account so long as you didn't save the previous password.
The hash will be your casino account's (and primary gmail account, if needed) password. Remember if you are using a gmail login and need to change that password and remove the recovery methods, to schedule send this to an account you will have access to or can recover.
So I change my myprize password to this, add a dollar sign on the end and capitalize whatever the first letter is to satisfy the special character and caps requirement: Be consistent and you will be able to figure this out later.
Dd562d1761d878e1471fec6982f8e1133158b751e4b794cc6f65ed80f39b8621$
This ^ is now my myprize password.
Now, you will need to also do this for the account that can recover this, and once finished, you should have a much more difficult time getting back into your accounts. Even better if you used throwaway emails to set up the casino accounts, or alternate ones: they are much easier to lock up like this.
In seven days, you will get the email with the password. Hash it, and you'll get the above hash again ^, which you can just apply the capital letter and $ to the end to, and you now have your password, which is impossible to guess via brute forcing.
Flaws:
- Google accounts can be recovered even forgetting the passwords. So there is some discipline required. Hopefully it creates enough of a barrier.
Google Sites
Report abuse