CTX 1300 Forum banner

1 - 20 of 24 Posts

·
Administrator
Joined
·
294 Posts
Discussion Starter #1
Hello all,

Over the next few days we will be implementing some changes to our forum password strength and password expiration policies. To make sure you continue having the best experience possible on the community, we regularly monitor the site and the Internet to keep everyone's account information safe. We've recently become aware of a potential risk to some accounts coming from outside of this community. Just to be safe, we are implementing the following changes to improve security even further:

1) We are asking everyone to change their passwords (and will force a one time reset). Along with every user on the forum, new passwords will need to be more complex, and can't be simple words (sorry, you can't have "fluffy" as your password anymore!). Please use a password unique to this community. Reusing passwords can expose your account indirectly when other websites (Twitter, Linkedin, Badoo, etc) are compromised; and

2) Your passwords will expire on a 365 day basis. When you login on the 366th day, you will have to change it.

We'll also be sending out an email to users to let them know about the changes, in upcoming weeks.

Thanks all,

Helena

Community Management
 

·
Registered
Joined
·
50 Posts
They're doing this on the Opel site too. Good thing, 'cuz I wouldn't want all of the super-sensitive information that I post on this site to be found by hackers.:rolleyes:
 

·
Registered
Joined
·
188 Posts
hmmmm ok
 

·
Administrator
Joined
·
294 Posts
Discussion Starter #6
The system will force change your password, and you will be notified by email.

If the system already did that, then you can disregard.

If you have not had your password force changed yet, then while you can change it now, it will still be changed by the system, and you will be required to change your password under the new criteria.

Thanks,
- JB
 

·
Registered
Joined
·
14 Posts
well, the new password was finally accepted after two days of trying and I wonder why a motorcycle forum needs this complexity. I still can't access the Versys forum after over 15 tries over two days, same software as this forum. I am more than just irritated since my emails to the whomever in charge of this circle jerk chooses to ignore me. I may be finished with the Versys forum.
PITA!!
 

·
Registered
Joined
·
2,006 Posts
Yep, I opened up Tapatalk to change the password and they locked me out before I could change it because Tapatalk retries multiple times.
At least we know the NSA subforum on this board is really safe.
 

·
Registered
Joined
·
20 Posts
I want to echo that the password requirements are ridiculous for a free motorcycle forum. I seriously considered leaving over it. If this turns into having to change every few weeks, I'm out.
 

·
Super Moderator
Joined
·
5,398 Posts
Security is becoming a really big issue on the least online web sites. Not because of the lack of needed security needed just for this or that web site but for the information a hacker can, and some have, gleaned from a simple user account no matter how minor it seems. From here a hacker can discover other more sensitive web sites where the same user has accounts even with different passwords and put together a dossier on a user that eventually provides them with the information they need to steal the ID of any user. At that point the hacker can create their own credit accounts using the stolen ID and rack up huge debts in the stolen users name. You, if you are the stolen user ID, would then be wanted by creditors to repay that debt. Even if you were to succeed in clearing your name it would take a huge cost and effort to do so completely. Likely there would always and forever more be a lingering black mark on your ID in some places. This is why this seemingly insignificant forum with your user account is taking this action. I work with Government security offices for the State (I know, oxymoron, especially since that woman was SOS), so I am constantly aware of these things. A great many people consider it to be a great inconvenience. I consider it a minor inconvenience brought on by a world where hackers live and are constantly attacking.
 

·
Super Moderator
Joined
·
2,162 Posts
This site is run by Vertical Scope, which also runs a whole bunch of other forums I belong to. For all the sites they are responsible for, not to mention all the revenue they are generating from them, a data breach like this is absolutely unacceptable. Yeah, maybe it's a minor inconvenience for us individually, but as a whole, there are thousands, maybe millions of users affected, which adds up to a boatload of inconvenience. For some people, I'm sure such forums are more than a casual social site like this one. Whoever is in charge of security at Vertical Scope needs to be shot. And then fired. Heads need to roll.
 

·
Administrator
Joined
·
294 Posts
Discussion Starter #15
Banner is legit or a virus?
The Banner is legitimate, it links to a full information page on where we're at so far with the breach investigation, what's being done to rectify it, and what's being done to prevent it in the future. As the actual nature of the breach is being investigated I can't give more information that what's linked in that banner notice

Kyle
 

·
Premium Member
Joined
·
324 Posts
I had been busy between corporate safety inspectors and getting ready for vacation but the most troubling reason for not logging in was the new password. I must have had a ginormous brain fart that I kept me from figuring it out. Needless to say. I'm sorry I haven't answered your PMs but I am glad to be back and will get on it ASAP.
 

·
Registered
Joined
·
2,006 Posts
Just tried to update my email address. Would not let me update my email unless I changed my password also even though the instructions say "optional".
 

·
Premium Member
Joined
·
972 Posts
I want to echo that the password requirements are ridiculous for a free motorcycle forum. I seriously considered leaving over it. If this turns into having to change every few weeks, I'm out.
" 2) Your passwords will expire on a 365 day basis. When you login on the 366th day, you will have to change it"
 

·
Premium Member
Joined
·
972 Posts
NYET!! We are Amerikans and should have our freedoms without trrroubles.

You vill take my password from my soft warm hands!

And I vant Windows on my motorcicle too!!

Boris
 

·
Administrator
Joined
·
294 Posts
Discussion Starter #20
Think I am recreating this issue. Occurs when you hit "Save Changes" right? Nothing happens unless you have the password fields filled? Shouldn't be like this.

I am recreating this on Firefox and Chrome. Can you confirm which browser you are using?

Kevin
 
1 - 20 of 24 Posts
Top