Ducati.ms - The Ultimate Ducati Forum banner

1 - 7 of 7 Posts

·
Administrator
Joined
·
995 Posts
Discussion Starter #1
Hello all,

Over the next few days we will be implementing some changes to our forum password strength and password expiration policies. To make sure you continue having the best experience possible on the community, we regularly monitor the site and the Internet to keep everyone's account information safe. We've recently become aware of a potential risk to some accounts coming from outside of this community. Just to be safe, we are implementing the following changes to improve security even further:

1) We are asking everyone to change their passwords (and will force a one time reset). Along with every user on the forum, new passwords will need to be more complex, and can't be simple words (sorry, you can't have "fluffy" as your password anymore!). Please use a password unique to this community. Reusing passwords can expose your account indirectly when other websites (Twitter, Linkedin, Badoo, etc) are compromised; and

2) Your passwords will expire on a 365 day basis. When you login on the 366th day, you will have to change it.

We'll also be sending out an email to users to let them know about the changes, in upcoming weeks.

Thanks all,

Helena

Community Management
 

·
Premium Member
Joined
·
1,496 Posts
"Just to be safe" is a bit of an understatement, according to this:

Hacker steals 45 million accounts from hundreds of car, tech, sports forums | ZDNet

"In a sample given to ZDNet, the database shows email addresses, passwords that were hashed and salted passwords with MD5 (an algorithm that nowadays is easy to crack), as well as a user's IP address (which in some cases can determine location), and the site that the record was taken from."
 

·
Administrator
Joined
·
995 Posts
Discussion Starter #3
The article fails to mention that the breach was for a third party plugin. This breach is on countless sites across the internet and not just limited to ours.

Their system was compromised and they grabbed user data for us and thousands of others. They failed to notify us of the issue.

We cleared our part of the breach and went this route to further security. This is also in place as many members on the internet use the same or similar passwords across all things they use.

We cannot go into detail at the moment as it is being dealt with on a legal level.

Thanks,
- JB
 

·
Registered
Joined
·
237 Posts
Oh Lord, that means I have to change all my passwords... actually just the one... like so many others I have no doubt been careless of my security & people like me are probably a menace to IT managers.
I have now successfully been through the password reset procedure apart from a glitch that resulted in Support asking me to confirm to them that I had been able to log on. Unfortunately my reply email to Danielle bounced back this evening. Only reason I could see for that is the request to "please write above this line" in the reply - my email setup will not allow me to do this as far as I can see.
Ducati.ms page loading very glitchy this evening; page freeze, ducati logo & cursor flickering like crazy, then shockwave crashed. All my other pages have been fine.
 

·
Registered
Joined
·
237 Posts
Thanx for reminder! Have cleared cache completely but page is still acting strange, cursor, refresh button & Ducati logo on page header intermittently flickering on & off like crazy together (every 30 secs or so). Preventing anything being done, scrolling, typing etc. Other pages ok I think but will explore further. Damn PC's!
 

·
Administrator
Joined
·
995 Posts
Discussion Starter #7
Thanx for reminder! Have cleared cache completely but page is still acting strange, cursor, refresh button & Ducati logo on page header intermittently flickering on & off like crazy together (every 30 secs or so). Preventing anything being done, scrolling, typing etc. Other pages ok I think but will explore further. Damn PC's!

Can you get us a screen shot?

lee
 
1 - 7 of 7 Posts
Top