Nissan Titan XD Forum banner

1 - 12 of 12 Posts

·
Administrator
Joined
·
328 Posts
Discussion Starter #1
Hello Everyone,

Per the latest announcements we will be resetting everyone’s passwords. Shortly you should be receiving an email directing you how to change your password. It will look like this:

Subject: Your new password for *site name*
Dear *username*,

Your password has been reset by an administrator. Your new details are as follows:

Username: *username*

Password: *Randomly generated temp password*

To change your password, please visit this page: *link to password reset edit page from USERCP*

If you suspect this email is a scam, you can confirm the legitimacy of this email by manually navigate to the forum URL yourself and use your new password to log in.

All the best,

Site Name


As you can see it will give you a randomly generated temporary password, as well as telling you where you need to go to updated it accordingly.

If you do not receive this email please go to the contact us page and select Other, and type in Security Password Update Issues

We’re sorry for the inconvenience.



The Community Support Team
 

·
Registered User
Joined
·
100 Posts
The requirements for a acceptable password is unreasonable.
This is a forum, not data sensitive information, nor a banking institution

Bull crap!
 

·
Registered User
Joined
·
88 Posts
If the data was stolen, wtf does it matter how secure the passwords are? If the database can be hacked through a standard member account, they just need to make their own account. The mobile version of this site doesn't even have a way to change the password.
 

·
Super Moderator
Joined
·
287 Posts
Hacking is a problem everywhere, and many forums (not just Verticlescope) are requiring passwords with more complexity.
 

·
Administrator
Joined
·
328 Posts
Discussion Starter #10
If the data was stolen, wtf does it matter how secure the passwords are? If the database can be hacked through a standard member account, they just need to make their own account. The mobile version of this site doesn't even have a way to change the password.
If you're on a mobile browser, go into desktop mode (browser settings allows you to pop into desktop mode without saving cookies, you can go back to mobile mode right after)

i hope it never logs me out cause i already forgot my new password.
If your browser is set to save and update new passwords to usernames, this shouldn't be a problem.

Lee
 

·
Registered User
Joined
·
285 Posts
The only thing I found aggravating about the change is that I was trying to log in using my already secure password and it kept failing. Finally reset it and all was OK.

I use Keepass2 portable. Nothing on my computer, in my browser or online in a cloud somewhere. Can access any of my 30+ accounts from anywhere and leave no trace. I "keep" a couple of backups that are updated immediately when updating. A variation of my password for gaining entry into the database would take 3 1/2 billion years to crack.
 

·
Administrator
Joined
·
328 Posts
Discussion Starter #12
[FONT=&quot]Why strong passwords, per unique website, are important:[/FONT][FONT=&quot][/FONT]
[FONT=&quot] [/FONT]
[FONT=&quot]In the event of any data breach, be it malware sniffing encrypted passwords over the wire, or a database grab of encrypted data, hackers focus their efforts on decrypting what they found. Forums generally use a double md5-hash + unique user salt. This means that, to get your password, they would try one of two ways: [/FONT][FONT=&quot][/FONT]
[FONT=&quot] [/FONT]
[FONT=&quot]1) Setup their own staging area and try and brute force crack your password with a dictionary file (using software like John the Ripper). This method means they try variations of words, names, numbers and upper/lower case letters. If your password is Helena22, you will be an easy target. If your password is 5v23dWWdg,L!2 the dictionary won't match it. Or, [/FONT][FONT=&quot][/FONT]
[FONT=&quot] [/FONT]
[FONT=&quot]2) They look at other data sources where they stole info from and already cracked (Twitter, Ashley Madison, Badoo, Linkedin, etc) and match your email address up. If you re-use your password anywhere else, they try the pas[/FONT][FONT=&quot]sword they have on file first. [/FONT]
[FONT=&quot] [/FONT]
[FONT=&quot]The more complex (and unique!) your passwords are for each of the various web services you use, including this forum, the lower the odds they will crack it, and you make option #2[/FONT][FONT=&quot] less probable.[/FONT]
[FONT=&quot]
[/FONT]

[FONT=&quot]Helena
[/FONT]
 
1 - 12 of 12 Posts
Top