|Topic Review (Newest First)|
if the passwords are too complex and strict at this time, we can revisit this subject a bit later down the line. :)
|Snowman1985||Super-duper passwords dont help hacks/breaches. The new password requirements are unnecessarily complex for a forum. This isn't access codes for nukes.|
Im sorry you feel its been poorly handled.
we will be and have been sending out forced password changes, patched our end of the breach a bit ago, putting in extra security, and notifying all users, admins, mods, including everyone at our office to make all the changes as the users have. its for the extra security boost. and also, to keep the users accounts safe, along with everyone elses for the future. this patches everything. its a matter of "just in case" kind of thing. :)
We appreciate all the input on the matter though. And we do apologize for any inconvience this causes.
Protecting your account here will protect this site from being vandalized, and will help protect accounts on other sites. The basic info (ie. email) that could be gleamed from a hacked account could compromise other accounts on different sites, ones that may have access to more sensitive information. paypal sites, shopping sites, etc. to name a few. Adding complexity puts a stopper on that happening. We are putting in this changes to not just amp up security, but also to help with user account safety as users use the same password, or in some cases, the same email and username for sites with more sensitive information when on the internet.
as such, we thought this would be the best course of action to touch base with all users, and cover everyone. :)
Let me know if you have any further inquiries and questions.
Originally Posted by administrator View Post
Since user data has been compromised, all users should be informed as they may use the same password for other sites (e.g. banking, email, etc.) That would be really important information that everyone needs to know.
This has really been poorly handled.
We are not at liberty to say too much as this issue is being investigated by authorities.
There are articles going around, talking about the issue, though they leave a lot out. A 3rd party plugin that we and other networks use had it's developers' compromised. Their DB was breached and data was scraped. I can't ID the plugin as it's under legal investigation. However I can say that it had access to user data because it functions separately from the vb software. Many plugins do this, chats, news letters, mobile apps etc. This is not an active breach, however as a precaution we did initiate security updates including password changes and new pass requirements.
I hope this helped clarify some things.
If you have any Concerns/Comments/Questions about this, please feel free to ask us here.
Why hasn't anyone mentioned that all of our logins/passwords have been breached?
Millions of Motorcyclists Hacked in VerticalScope Breach
45m passwords stolen from VerticalScope forums in massive data breach
VerticalScope Breach; 45 Million Users Affected
Originally Posted by Neanderthal View Post
You will receive a prompt to reset your password. I'm not too sure when this will happen, but within the near future.
You can go ahead and change your password now if you'd like, but as mentioned you will have to change it again.
For those of you who are curious on how to do that go to:
User CP -> Your Control Panel -> Settings and Options -> Edit Email and Password.
If you guys have any more concerns/questions/feedback regarding this issue, please feel free to post them here!
Thank you for your understanding and patience,
|Wesjob||Thanks for the update!|
|Neanderthal||Do we go ahead and change the password now (and where do we do that), or do we wait until we try to access the site and are forced to type in a new password?|
|Bamboo671||Thanks for the update and all the hard work you and the other admins do to keep this site great!|
|This thread has more than 10 replies. Click here to review the whole thread.|