IMPORTANT: Account Security Announcement

Includes Forum Rules and Major Announcements. Post feedback, concerns, and forum issues. Moderation applications and public votes also take place here.

IMPORTANT: Account Security Announcement

Unread postby James » Tue Mar 01, 2011 5:28 pm

Hello everyone,

I have noticed over the past few weeks that my admin account both here, and at Simulated RTK, has been requiring a manual re-login due to 'failed login attempts'. This has happened to another administrator here as well. A review at the support forum discussion board for our forum's software suggests that this has become a problem in numerous areas and currently developers behind this software insist that it is probably the result of gutter-borns attempting to hack accounts for some nefarious purpose or another. I'm not entirely convinced of this and suspect it could be due to some software bug or another and a security exploit, but as it stands, I have yet to realize a confirmed case of an account actually being compromised.

You may be affected but may not notice due to the 'automatically log me in next time I visit' preference option. Some boards have had issues with this resulting in bigger problems, but I suspect we have avoided real problems thus far because we use a custom CAPTCHA authentication system specifically to defeat bots.

But, better safe than sorry, right?

All I ask from everyone (especially folks who have special privileges on the forum) is that they take a moment to reflect on their password. A good password should contain uppercase and lowercase characters at least a number, potentially even including something fun like a space, tilde, underscore, or whatever. If you are using a truly lazy password please change it. That also includes using your username as your password. A common means of compromising forum accounts is to try and log in as as that user with a common password, and some basic steps taken to avoid this will do the trick.

If you've encountered any sort of problems please do share your thoughts.
Kongming’s Archives – Romance of the Three Kingdoms Novel, History and Games
“ They who can give up essential liberty to obtain a little temporary safety, deserve neither liberty nor safety.”
  — Ben Franklin
User avatar
James
Sausaged Fish
Sausaged Fish
 
Posts: 17937
Joined: Fri Jun 14, 2002 3:21 pm
Location: Happy Valley, UT

Re: IMPORTANT: Account Security Announcement

Unread postby Sun Fin » Tue Mar 01, 2011 5:43 pm

Gah, I'll change my password then... So much effort :P.
“I learned that courage was not the absence of fear, but the triumph over it. The brave man is not he who does not feel afraid, but he who conquers that fear.” ― Nelson Mandela
User avatar
Sun Fin
Scholar of Shen Zhou
 
Posts: 6568
Joined: Sat Nov 10, 2007 9:20 pm
Location: The birthplace of radio

Re: IMPORTANT: Account Security Announcement

Unread postby SunXia » Tue Mar 01, 2011 10:11 pm

Done Master though I doubt anyon would have gotten my Irish password!!
If becoming enlightened or an intellectual means I must become arrogant and coldly cynical about the world around me then I'd gladly remain a fool for the rest of my life!!

I'm Out4Marriage!!!Are You??

It is a CHOICE!!
User avatar
SunXia
Warrior Princess
Warrior Princess
 
Posts: 6531
Joined: Sun Jul 31, 2005 3:48 pm
Location: Keeping Evils from this world at bay...with a smile!!

Re: IMPORTANT: Account Security Announcement

Unread postby Sun Fin » Tue Mar 01, 2011 11:26 pm

Just tried to log in on my phone and found that someone HAS maxed out my password attempts!
“I learned that courage was not the absence of fear, but the triumph over it. The brave man is not he who does not feel afraid, but he who conquers that fear.” ― Nelson Mandela
User avatar
Sun Fin
Scholar of Shen Zhou
 
Posts: 6568
Joined: Sat Nov 10, 2007 9:20 pm
Location: The birthplace of radio

Re: IMPORTANT: Account Security Announcement

Unread postby SunXia » Wed Mar 02, 2011 12:01 am

Got the same message after logging out and back in when I read Sun_Fin's post!! If there are attempts to get into our accounts, the people are pathetic!!
If becoming enlightened or an intellectual means I must become arrogant and coldly cynical about the world around me then I'd gladly remain a fool for the rest of my life!!

I'm Out4Marriage!!!Are You??

It is a CHOICE!!
User avatar
SunXia
Warrior Princess
Warrior Princess
 
Posts: 6531
Joined: Sun Jul 31, 2005 3:48 pm
Location: Keeping Evils from this world at bay...with a smile!!

Re: IMPORTANT: Account Security Announcement

Unread postby TooMuchBaijiu » Wed Mar 02, 2011 12:57 am

My account got the "maxed out attempts" thing too. And I don't have a lazy password. Innocuous word, numbers, all that.
I don't write fanfic, but if I did it would involve Zhou Yu and Zheng He fighting to win the heart of Lai Choi San. Then I'd make them join forces to fight Ming the Merciless, who secretly works for Master Li. I'd squeeze Lu Bu in there somehow.
User avatar
TooMuchBaijiu
Scholar of Shen Zhou
 
Posts: 1469
Joined: Mon Nov 29, 2010 4:15 am
Location: In 1939, chasing Frida Kahlo with a Gillette

Re: IMPORTANT: Account Security Announcement

Unread postby Zhuanyong » Wed Mar 02, 2011 1:31 am

Interesting indeed.

I haven't received any messages regarding maxed out login attempts. But I also utilize letters and numbers in all of my password out of habit. I may amp up the security on it though.
Avatar: N/A

[No comment]
User avatar
Zhuanyong
Scholar of Shen Zhou
 
Posts: 5355
Joined: Mon Sep 27, 2010 8:58 pm
Location: If I told you, would it really matter?

Re: IMPORTANT: Account Security Announcement

Unread postby Qu Hui » Wed Mar 02, 2011 3:05 am

Hmm, I haven't recived any messages about that either, and my password contains no symbols or numbers. I may have to increase the security as a precaution...
My avatar is Roy from Fire Emblem: Binding Blade, as he appears in Fire Emblem: Awakening
Quote of the "Day": "The world always seems brighter when you've just made something that wasn't there before." -Neil Gaiman
User avatar
Qu Hui
Scholar of Shen Zhou
 
Posts: 1796
Joined: Wed Jul 19, 2006 3:34 pm
Location: #SoSZ, 24/7

Re: IMPORTANT: Account Security Announcement

Unread postby GuoBia » Wed Mar 02, 2011 4:08 am

I've only gotten it when I've tried to log on with a school computer through school internet.
Guo run! Guo run!!!!
User avatar
GuoBia
Scholar of Shen Zhou
 
Posts: 1155
Joined: Sat May 02, 2009 7:11 am
Location: For the Southlands!

Re: IMPORTANT: Account Security Announcement

Unread postby James » Wed Mar 02, 2011 4:16 am

GuoBia wrote:I've only gotten it when I've tried to log on with a school computer through school internet.

It is probably because on your regular computer you have it set to remember your login. On the public computer it isn't set to remember you, so it queries your login history when you try to log in. Either way it is pretty surprising how widespread this is. I hope they figure out a little more about this. If it can be tracked to a predictable proxy, or something along those lines, I would love to ban it and cut back on this a little...
Kongming’s Archives – Romance of the Three Kingdoms Novel, History and Games
“ They who can give up essential liberty to obtain a little temporary safety, deserve neither liberty nor safety.”
  — Ben Franklin
User avatar
James
Sausaged Fish
Sausaged Fish
 
Posts: 17937
Joined: Fri Jun 14, 2002 3:21 pm
Location: Happy Valley, UT

Next

Return to Public Council

Who is online

Users browsing this forum: No registered users and 1 guest

Copyright © 2002–2008 Kongming’s Archives. All Rights Reserved