!!ATTENTION!! - Please Secure Your Passwords!

We sure do have a lot of rules and guidelines threads - find them all here, and please make sure you've read them! Also, community-wide announcements (that aren't major ZDoom News) go here as well.
boris
Posts: 706
Joined: Tue Jul 15, 2003 3:37 pm

Re: !!ATTENTION!! - Please Secure Your Passwords!

Post by boris »

Marrub wrote:and know how to type it?
Just use a password manager and you don't have to know how to type it.
User avatar
Marrub
 
 
Posts: 1167
Joined: Tue Feb 26, 2013 2:48 pm
Preferred Pronouns: They/Them
Operating System Version (Optional): Arch Linux
Graphics Processor: ATI/AMD with Vulkan/Metal Support

Re: !!ATTENTION!! - Please Secure Your Passwords!

Post by Marrub »

boris wrote:
Marrub wrote:and know how to type it?
Just use a password manager and you don't have to know how to type it.
Of course. I would really imagine 1,114,111ⁿ or something like that I don't know how to math would be far more secure than 62ⁿ, so unicode passwords would be quite secure. :P
Edit: Actually, it would be something more like 255ⁿ², but that's still much better.
Accensus
Posts: 2377
Joined: Thu Feb 11, 2016 9:59 am

Re: !!ATTENTION!! - Please Secure Your Passwords!

Post by Accensus »

It was just a suggestion so it has not been implemented just yet. Not even sure if it'll ever come to pass.
[This was regarding the inactive approval suggestion.]

EDIT: Nevermind, the post is gone, lol. Don't delete posts, mate. Pleez.
User avatar
kevansevans
Spotlight Team
Posts: 404
Joined: Tue Oct 05, 2010 12:04 am
Graphics Processor: nVidia with Vulkan support

Re: !!ATTENTION!! - Please Secure Your Passwords!

Post by kevansevans »

Holy crap, no wonder I had to get mod approval for everything I posted. Sorry to whomever was putting up with my posts, I don't visit often enough ;-;
User avatar
Gothic
Posts: 794
Joined: Thu Jun 16, 2011 6:49 pm

Re: !!ATTENTION!! - Please Secure Your Passwords!

Post by Gothic »

kevansevans wrote:Holy crap, no wonder I had to get mod approval for everything I posted. Sorry to whomever was putting up with my posts, I don't visit often enough ;-;
I don't remember your account being hacked, but still you should change your password with a more strong one, just in case.

By the way, when I logged in, I got the "too many attempts" message again. That fucker doesn't give up, does he? I wish it could be possible that thing that Eruanna mentioned earlier, six months minimal I'd say.
User avatar
wildweasel
Moderator Team Lead
Posts: 21510
Joined: Tue Jul 15, 2003 7:33 pm
Preferred Pronouns: He/Him
Operating System Version (Optional): Windows 10, 21H1
Graphics Processor: nVidia with Vulkan support

Re: !!ATTENTION!! - Please Secure Your Passwords!

Post by wildweasel »

Gothic wrote:
kevansevans wrote:Holy crap, no wonder I had to get mod approval for everything I posted. Sorry to whomever was putting up with my posts, I don't visit often enough ;-;
I don't remember your account being hacked, but still you should change your password with a more strong one, just in case.
Yeah unfortunately you've run right into one of the measures we've been trying to put up to stop the hijacker; accounts that haven't visited in more than a certain amount of time have been redirected back to the approval queue.
User avatar
Coraline
Posts: 447
Joined: Wed Aug 15, 2012 3:41 pm
Location: California

Re: !!ATTENTION!! - Please Secure Your Passwords!

Post by Coraline »

Got the "too many login attempts" again. Ive been getting those a lot lately - good thing I always use strong passwords ;)
User avatar
YukesVonFaust
Posts: 1309
Joined: Mon Feb 09, 2015 9:00 am
Location: why the hell did they remove custom titles for this?

Re: !!ATTENTION!! - Please Secure Your Passwords!

Post by YukesVonFaust »

Coraline wrote:Got the "too many login attempts" again. Ive been getting those a lot lately - good thing I always use strong passwords ;)
Same thing goes to me, too!
osjclatchford
Posts: 2058
Joined: Mon Feb 07, 2011 5:02 am

Re: !!ATTENTION!! - Please Secure Your Passwords!

Post by osjclatchford »

likewise... its getting quite annoying every-time I log in to be honest... I still expect to log in and find I've been hacked and loads of abuse been posted in my name or something...

its another worry we could all do without truth be told... :|
Accensus
Posts: 2377
Joined: Thu Feb 11, 2016 9:59 am

Re: !!ATTENTION!! - Please Secure Your Passwords!

Post by Accensus »

Change the "captcha", maybe? It's the same question everytime. Doesn't really help, does it? It may be a little too late for that, but it'll sure prevent further successes in the area of brute force.

EDIT: As long as its something random-generated and hard to predict...
User avatar
Rachael
Admin
Posts: 13102
Joined: Tue Jan 13, 2004 1:31 pm
Preferred Pronouns: She/Her

Re: !!ATTENTION!! - Please Secure Your Passwords!

Post by Rachael »

For now, just put "X" for your password to trigger the question. That's a lot less effort than typing in your password twice and getting frustrated by the question appearing, which by now you probably have the answer memorized anyway.

Also, if you are the only one using your computer, use the option to remember your login. If your password is secure enough anyway, you have very little need to worry about someone compromising your account. phpBB will give your browser a special key that automatically enters your username/password (serverside only, obviously) and logs you in every time you visit the forum. And unless someone gets access to your browser cookies, no one can steal that, anyway.
User avatar
Graf Zahl
Lead GZDoom+Raze Developer
Lead GZDoom+Raze Developer
Posts: 48359
Joined: Sat Jul 19, 2003 10:19 am
Location: Germany

Re: !!ATTENTION!! - Please Secure Your Passwords!

Post by Graf Zahl »

Apparently the hijacker changed tactics. Instead of trolling the more recent posts look like mass-spamming with pointless shit, apparently only designed to create work for the mods here.
I'm just wondering: Doesn't the forum software have the ability to mass-delete posts by a specific user to make that task easier, instead of manually moving all the shit to the garbage bin?
User avatar
wildweasel
Moderator Team Lead
Posts: 21510
Joined: Tue Jul 15, 2003 7:33 pm
Preferred Pronouns: He/Him
Operating System Version (Optional): Windows 10, 21H1
Graphics Processor: nVidia with Vulkan support

Re: !!ATTENTION!! - Please Secure Your Passwords!

Post by wildweasel »

Graf Zahl wrote:Apparently the hijacker changed tactics. Instead of trolling the more recent posts look like mass-spamming with pointless shit, apparently only designed to create work for the mods here.
I'm just wondering: Doesn't the forum software have the ability to mass-delete posts by a specific user to make that task easier, instead of manually moving all the shit to the garbage bin?
Sadly, none that I have any access to.
User avatar
Rachael
Admin
Posts: 13102
Joined: Tue Jan 13, 2004 1:31 pm
Preferred Pronouns: She/Her

Re: !!ATTENTION!! - Please Secure Your Passwords!

Post by Rachael »

Is there any reason to preserve the troll posts other than looking up IP addresses? (which is virtually useless when chasing down someone abusing proxies)

It might make everyone's life easier to just use the MCP and approve/disapprove in mass. You can destroy and hour's worth of work in 30 seconds just with the tools built into phpBB.
User avatar
wildweasel
Moderator Team Lead
Posts: 21510
Joined: Tue Jul 15, 2003 7:33 pm
Preferred Pronouns: He/Him
Operating System Version (Optional): Windows 10, 21H1
Graphics Processor: nVidia with Vulkan support

Re: !!ATTENTION!! - Please Secure Your Passwords!

Post by wildweasel »

I did just find an option to Delete All Posts by User, which has worked in this specific instance but I wouldn't want to use it on an account that has made more than a handful of posts in the past, since it eradicates ALL of the posts.

IP addresses and hostnames are all being logged in every instance, though.

Return to “Rules and Forum Announcements”