Re: !!ATTENTION!! - Please Secure Your Passwords!

Tue May 31, 2016 11:14 am

Havoc wrote:Just changed my password. I even had to use the "I forgot my password" option, as I couldn't remember what password I used for this account :mrgreen:

I've got my eye on you. My one and only abbadon eye...

Re: !!ATTENTION!! - Please Secure Your Passwords!

Tue May 31, 2016 11:20 am

enderkevin13 wrote:
Havoc wrote:Just changed my password. I even had to use the "I forgot my password" option, as I couldn't remember what password I used for this account :mrgreen:

I've got my eye on you. My one and only abbadon eye...

He's legit, dude. I'd really appreciate if you'd stop making posts like this.

Re: !!ATTENTION!! - Please Secure Your Passwords!

Tue May 31, 2016 12:09 pm

wildweasel wrote:
enderkevin13 wrote:
Havoc wrote:Just changed my password. I even had to use the "I forgot my password" option, as I couldn't remember what password I used for this account :mrgreen:

I've got my eye on you. My one and only abbadon eye...

He's legit, dude. I'd really appreciate if you'd stop making posts like this.

Okay, just making sure. Can't be too sure at this point.

Re: !!ATTENTION!! - Please Secure Your Passwords!

Tue May 31, 2016 12:11 pm

It's still not your business. And in doubt, check the person's posting history.

Re: !!ATTENTION!! - Please Secure Your Passwords!

Tue May 31, 2016 12:20 pm

randi wrote:
Zhs2 wrote: convincing randi we need a better plugin, better blacklists, etc.

There's a difference between blocking random spammers and blocking somebody specifically targetting your board "for fun".
This is a fair difference, sure, and it's good to assume the worst in both cases when it comes to security. In that regard, although the damage has already been done and the best that can be done now is damage control, perhaps what the board needs is a slightly less or maybe even completely unautomatable captcha for the next time anyone begins to think the same way this guy does.

Re: !!ATTENTION!! - Please Secure Your Passwords!

Tue May 31, 2016 1:25 pm

I thank the best way to do is to stay offline for awhile if this guy is trying his best to guess our passwords then it's best to stay away from here a day or two so we can
let the professional here to do there jobs.

Re: !!ATTENTION!! - Please Secure Your Passwords!

Tue May 31, 2016 1:30 pm

Hellsmith1 wrote:It's not just your password that there trying to hack and I am not going to say anymore but be careful about what you post because once this hijacker or hacker sees what you post here it could be over with in a heart beat.
If there's one thing this situation was sorely lacking, it was vague melodrama.

Re: !!ATTENTION!! - Please Secure Your Passwords!

Tue May 31, 2016 3:09 pm

Yeah, seriously. Hellsmith1, cut that out. It's not helping this thread any and it's just you trying to add to your post count.

Re: !!ATTENTION!! - Please Secure Your Passwords!

Tue May 31, 2016 3:21 pm

Zhs2 wrote:This is a fair difference, sure, and it's good to assume the worst in both cases when it comes to security. In that regard, although the damage has already been done and the best that can be done now is damage control, perhaps what the board needs is a slightly less or maybe even completely unautomatable captcha for the next time anyone begins to think the same way this guy does.

Have any good ones?

Most are easily beaten these days. Anything that phpBB implements are extremely popular targets for CAPTCHA robot programmers, and the most popular plugins become high value targets as well.

Re: !!ATTENTION!! - Please Secure Your Passwords!

Tue May 31, 2016 3:54 pm

I admit to not, and sarcastically exaggerating/not spending effort on research. I suppose though that, even for as simple as the current captcha is, it does the job it was set in place for. :shrug:

Edit: Well, someone did mention this. But still.

Re: !!ATTENTION!! - Please Secure Your Passwords!

Tue May 31, 2016 9:18 pm

For password tips, how about long, descriptive sentences with cliché phrases that are slightly mangled as to be cringeworthily stupid (and thus memorable) and mixed metaphors so awkwardly placed they make your skin crawl when you type them?

Re: !!ATTENTION!! - Please Secure Your Passwords!

Wed Jun 01, 2016 2:14 am

Vaecrius wrote:For password tips, how about long, descriptive sentences with cliché phrases that are slightly mangled as to be cringeworthily stupid (and thus memorable) and mixed metaphors so awkwardly placed they make your skin crawl when you type them?
Just use KeePass to create a password-protected database for all your logins (you ARE using different passwords on different sites, right). That way, if you need to change a password for some reason, it's just one click to generate 32+ characters of un-bruteforcable gibberish which you can cheerfully copy to the clipboard with a double-click.

If you store your database in a (unshared, non-public!) Dropbox folder, you can also use it on various smartphone things through a number of apps. Very simple, very easy to get started, and Just Plain Good Practice.

There are other password database things and services out there, but Keepass is free and open-source, so it works for me.

Re: !!ATTENTION!! - Please Secure Your Passwords!

Wed Jun 01, 2016 2:16 am

Kinsie wrote:words

I think KeepAss is a better capitalization, it helps you Keep your Ass [safe].

Re: !!ATTENTION!! - Please Secure Your Passwords!

Wed Jun 01, 2016 5:43 pm

KeePass actually might not be the best option? I personally recommend KeePassX.

Re: !!ATTENTION!! - Please Secure Your Passwords!

Thu Jun 02, 2016 2:39 am

I tried KeePassX but in my opinion that's nearly as useless. Just looking at the password store file makes it plainly obvious that this is a KeePassX password file - so anyone with bad intentions can find the file itself by looking for a simple pattern. In my opinion the only secure way to store stuff is not only to encrypt the data but also encrypt the file itself so that any pattern matching algorithm can't even find that.

I wouldn't store anything security related in the cloud when everybody can immediately see that it's security related.