SIG Talk banner

1 - 20 of 49 Posts

·
Administrator
Joined
·
814 Posts
Discussion Starter #1
Hey all,

Over the next few days we will be implementing some changes to our forum password strength and password expiration policies. To make sure you continue having the best experience possible on the community, we regularly monitor the site and the Internet to keep everyone's account information safe. We've recently become aware of a potential risk to some accounts coming from outside of this community. Just to be safe, we are implementing the following changes to improve security even further:

1) We are asking everyone to change their passwords (and will force a one time reset). Along with every user on the forum, new passwords will need to be more complex, and can't be simple words (sorry, you can't have "fluffy" as your password anymore!). Please use a password unique to this community. Reusing passwords can expose your account indirectly when other websites (Twitter, Linkedin, Badoo, etc) are compromised; and

2) Your passwords will expire on a 365 day basis. When you login on the 366th day, you will have to change it.

We'll also be sending out an email to users to let them know about the changes, in upcoming weeks.

Thanks all,

Helena

Community Management
 

·
Registered
Joined
·
55,365 Posts
potential risk, i've used the same pw/s on on several banking https sites for years that are easy to remember??

no financial info is swapped here & the only item available is my email address & state, so where is anything being compromised.:confused::confused:
 

·
Banned
Joined
·
17,715 Posts
Just what I needed, my 125th unnecessary password change and the recurring need to change it again once a year.

I design and program systems for Homeland Security and they require some really complex passwords, as they should as their data is very much need to know.

And do you know where they keep their passwords? They're too long and complex to memorize, so they put them on the bottom of their keyboards on sticky notes.

This stuff really works well.
 

·
Banned
Joined
·
1,824 Posts
I use a password manager on my tablet that uses a secure cloud shared file with my laptop and my desktop.
I use a 6 digit access to my phone and tablet, and a 15 character pass phrase for the laptop and desktop.
If I loose the file access password, I am screwed.
 
  • Like
Reactions: bearone2

·
Registered
Joined
·
109 Posts
I just changed mine due to the Linkedin leak.

Bob
 

·
Registered
Joined
·
3,387 Posts
  • Like
Reactions: bearone2

·
Registered
Joined
·
55,365 Posts
i was hacked in the opm travesty a couple years ago & had a lot more info snagged than on various forums i provide info to.
 

·
Administrator
Joined
·
814 Posts
Discussion Starter #10
hey there,

The article fails to mention that the breach was for a third party plugin. This breach is on countless sites across the internet and not just limited to ours.

We cleared our part of the breach and went this route to further security. This is also in place as many members on the internet use the same or similar passwords across all things they use.

We cannot go into detail at the moment as it is being dealt with on a legal level.

Thanks,


~Shane
 

·
Registered
Joined
·
1,187 Posts
hey there,

The article fails to mention that the breach was for a third party plugin. This breach is on countless sites across the internet and not just limited to ours.

We cleared our part of the breach and went this route to further security. This is also in place as many members on the internet use the same or similar passwords across all things they use.

We cannot go into detail at the moment as it is being dealt with on a legal level.

Thanks,


~Shane
It would have been great if you would have mentioned the context of this message. The fact that there was no mention of the breach in security is a little troubling.
 

·
Registered
Joined
·
260 Posts
Wonderful. I never log out of this site because I can never remember my passwords. Don't log me out bro.
 

·
Administrator
Joined
·
814 Posts
Discussion Starter #15
Hey all

At the time, we disclosed the information we were permitted to. As this is being dealt with through various law enforcement agencies, we are limited in the information we can divulge. The password reset was a necessary first step that had to be implemented in a finite timeframe.

Thanks all

Dayle
 

·
Registered
Joined
·
331 Posts
Only took me 2 days to get signed back in. No email notice that the password was changing like on the other forum owned by the same group. I could not get the change password procedure to send me an email, tried 3 times yesterday. Quit trying yesterday. Finally the procedure worked today. I hope the rest of the change over goes better then it has so far.
 

·
Registered
Joined
·
8,156 Posts
Only took me 2 days to get signed back in. No email notice that the password was changing like on the other forum owned by the same group. I could not get the change password procedure to send me an email, tried 3 times yesterday. Quit trying yesterday. Finally the procedure worked today. I hope the rest of the change over goes better then it has so far.
I have exactly the same experience. No email response, automated or otherwise. I finally went back to using the "other" pea green site.

Guess there server was overwhelmed? Anyway, what a PAIN.
 
1 - 20 of 49 Posts
Top