Ignatzmice Forums

Login  |  Register  |  Advanced Search  |  Help  |  RLD FAQ  |  Archives 1999-2004
Post new topic  Board index » Site » Announcements  Page 1 of 1
 [ 7 posts ] 
  Previous topic :: Next topic
some accounts hijacked
Posted: 2015-07-01, 10:02 pm

BlutoBlutarsky Admin
Posts: 1961
Reply to topic  Reply with quote 
Folks,
Three users with high post counts had their accounts hijacked around the same time. In each case, the password was changed, and then the email address associated with the account was changed so that the legitimate user would not be able to recover the password.

I am reaching out to those affected via email with new passwords. If you are affected and have not heard from me, please use the "Contact Us" link and get in touch, but use the email address associated with your account please!

I cannot stress enough: PLEASE pick a password that is difficult to guess, as long as possible, and preferably containing more than just letters... throw some numbers and a punctuation mark or two in there. After this incident I'm pretty sure it's time to examine the password policy for new accounts.

The server does not seem to have been compromised. I'm hoping this incident is due to weak passwords and nothing more...

Edit: it's User Control Panel->Profile->Edit account settings to change your password!

_________________
A friend of mine has a trophy wife, but apparently it wasn't first place. --Steven Wright
Re: some accounts hijacked
Posted: 2015-07-01, 11:10 pm

neurosynthPower Kat XXX
Power Kat XXX
Posts: 2733
Reply to topic  Reply with quote 
Having taken over the account did the attacker do anything with it? I ask in case he/she took over other accounts but *didn't* change the password on those, and thus might remain undetected but active.

_________________
http://tinyurl.com/eurolights - CLOSED FOR NOW - Sadly Google has disallowed public access to this map. I'm seeking alternative platforms. If you have suggestions, please message me!
Re: some accounts hijacked
Posted: 2015-07-02, 4:39 am

ams2008damPower Kat XXX
Power Kat XXX
Posts: 1767
Location: UK
Reply to topic  Reply with quote 
i dont really understand tech stuff on the web but very worrid now about my security online now.Thanks for the warning on this should i close that email account now as it would have been hacked.lol.

why would you want to hack a site like this.....
Re: some accounts hijacked
Posted: 2015-07-02, 3:25 pm

Aldebran LinkbatSupporting Member
Supporting Member
Posts: 586
Location: UK
Reply to topic  Reply with quote 
How do you change your password on here?

The only reference to passwords I can find in the help pages is to get it reset with the "I've forgotten my password" option when you log in.

_________________
"an 8-inch miniskirt allows the connoisseur the exquisite satisfaction of that shameful desire to put your hand up a girl’s skirt and touch her knickers".
Latest Trip Report - Aldebran Linkbat July 2022 - Finally back in Amsterdam
Re: some accounts hijacked
Posted: 2015-07-02, 6:42 pm

retro Power Kat
Posts: 970
Location: U.k
Reply to topic  Reply with quote 
Aldebran,

Click on User control panel at the top of the screen, then on the left click on Profile, then Edit account settings. You should be on the change password screen.
Re: some accounts hijacked
Posted: 2015-07-02, 7:08 pm

BlutoBlutarsky Admin
Posts: 1961
Reply to topic  Reply with quote 
neurosynth wrote:
Having taken over the account did the attacker do anything with it? I ask in case he/she took over other accounts but *didn't* change the password on those, and thus might remain undetected but active.
ams2008dam wrote:
why would you want to hack a site like this.....


Well, as a regular user, the only thing one can "do" is to make a post or send a private message. Those affected can check their post history and PM sent box for anything they do not recognise, though I think it's unlikely anything like that was done (because what's the point?)

Here's what I think happened: the attacker specifically went after accounts with high post counts, in the hopes that one or more may have moderator or admin privileges. I am guessing maybe the goal was to steal email addresses for spamming purposes. It's not really clear to me. Either way, these were thought out criminal actions, perpetrated using the Tor network (google that if you're unfamiliar.) Pieces of shit. Spammers really need to be executed...

_________________
A friend of mine has a trophy wife, but apparently it wasn't first place. --Steven Wright
Re: some accounts hijacked
Posted: 2015-07-02, 7:33 pm

BlutoBlutarsky Admin
Posts: 1961
Reply to topic  Reply with quote 
Some reading material for anyone who may be unsure about what constitutes a strong or weak password:

https://www.reddit.com/r/explainlikeimf ... _strength/

https://en.wikipedia.org/wiki/Password_ ... _passwords

Edit: Also, stronger passwords really don't have to be a pain in the ass. It's totally possible to pick a password at least 10 characters long, containing both upper and lower case letters, one or more numbers and one or more symbols (our requirement now for new accounts) that's still actually easy to remember. For example, something like
Code:
Anal Sex and Bondage for $3.50 on Tuesdays

would satisfy the requirement. :-)

Edit: This is really cool

_________________
A friend of mine has a trophy wife, but apparently it wasn't first place. --Steven Wright
Display posts from previous:  Sort by  
Post new topic  Board index » Site » Announcements  Page 1 of 1
 [ 7 posts ] 


Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum