CRZ
Big Brother Administrator Level: 239
Posts: 10183/17695 EXP: 212428202 For next: 1732597
Since: 9.12.01 From: ミネアポリス
Since last post: 8 days Last activity: 3 days
| ICQ: | |
| Y!: | |
|
| #1 Posted on 11.7.08 1952.48 Reposted on: 11.7.15 1952.52 | I'm pretty sure I saw some SQL injection attacks pass by a few hours ago. They were only after the admins' accounts but you never know. I've put some safeguards in place to ensure that their attacks will no longer work and will try to keep an eye out for any suspicious activity for the next week or so but for your own peace of mind, you might want to go ahead and change your password, then log back in with the new one. Promote this thread! | | rinberg
Boudin rouge Level: 51
Posts: 441/495 EXP: 990720 For next: 23225
Since: 30.1.02 From: South Georgia
Since last post: 4462 days Last activity: 743 days
| #2 Posted on 11.7.08 2116.27 Reposted on: 11.7.15 2118.29 | { Sorry, you must be logged in to see this text! }
This may or may not be relevant to the changes that you just made, but when I changed my password and clicked the "Edit Profile" button at the bottom of the page to save the new password, I was automatically logged out as expected, but the page displayed that error and wouldn't display the forums. When I logged in using my new password, everything appeared normal. When I logged out again everything appeared normal. In short, no harm done to me, but I thought you would want to know. | CRZ
Big Brother Administrator Level: 239
Posts: 10184/17695 EXP: 212428202 For next: 1732597
Since: 9.12.01 From: ミネアポリス
Since last post: 8 days Last activity: 3 days
| ICQ: | |
| Y!: | |
|
| #3 Posted on 11.7.08 2210.00 Reposted on: 11.7.15 2210.08 | No biggie. That message (and lack of forum action) is a side effect of your old password being kept on in your cookie...that's why logging in "fixes" it. I should probably recode it to log you out if you change your password, though. Hmm....I'll give it another looksee.
(edited by CRZ on 11.7.08 2213)
OK, I fixed it so you're automatically logged out if your password is changed. Click on the ol' "Login" link to get back in. If you have any problems, IM or email me.
(edited by CRZ on 11.7.08 2226) | Dexley's Midnight Jogger
Pepperoni Moderator Level: 70
Posts: 891/1049 EXP: 3008249 For next: 7577
Since: 10.10.02 From: New Hampshire
Since last post: 3706 days Last activity: 3621 days
| #4 Posted on 13.7.08 1848.03 Reposted on: 13.7.15 1854.05 | I changed mine. I'm not keen on computer stuff and I have two different passwords for about 7 or 8 websites. Is there a school of thought whether this is a good idea or should I have multiple passwords? None of the sights are for financial accounts or anything serious. | Guru Zim
SQL Dejection Administrator Level: 152
Posts: 4890/6207 EXP: 44132626 For next: 169136
Since: 9.12.01 From: Bay City, OR
Since last post: 8 days Last activity: 19 hours
| ICQ: | |
| Y!: | |
|
| #5 Posted on 14.7.08 1059.53 Reposted on: 14.7.15 1101.23 | I personally use a different password here than other sites, because I figure this is the most likely site I go to that could have problems I don't have a lot of faith in this code being bulletproof. We do what we can.
Bank stuff should have a different password than low security stuff, yes. You should probably use different passwords for each banking service in case one is compromised. | DJ FrostyFreeze
Scrapple Level: 119
Posts: 2715/3467 EXP: 18396453 For next: 532893
Since: 2.1.02 From: Hawthorne, CA
Since last post: 137 days Last activity: 137 days
| #6 Posted on 14.7.08 1311.29 Reposted on: 14.7.15 1312.40 | Originally posted by Guru Zim I personally use a different password here than other sites, because I figure this is the most likely site I go to that could have problems I don't have a lot of faith in this code being bulletproof. We do what we can.
Bank stuff should have a different password than low security stuff, yes. You should probably use different passwords for each banking service in case one is compromised.
I used to have 5-6 different passwords for no good reason, but now I've got them narrowed down to 2 Important Stuff passwords (I only use one banking service site) and 1 I Dont Care About This Crap password. | rinberg
Boudin rouge Level: 51
Posts: 443/495 EXP: 990720 For next: 23225
Since: 30.1.02 From: South Georgia
Since last post: 4462 days Last activity: 743 days
| #7 Posted on 15.7.08 0908.30 Reposted on: 15.7.15 0909.12 | I'm trying to reform my behaviour concerning passwords. Formerly, I had three passwords with lengths of 6, 8, and 10 characters, one of which was numeric. Recently, after I started using the Portable Apps Suite (portableapps.com), I tried out the Portable Apps version (portableapps.com) of KeePass (keepass.info) and I've liked it pretty well.
Basically, I've come up with one REALLY LONG password with multiple numeric characters based on things that I can use to remind myself what that password is supposed to be. Then, I put the URLs to the sites that I wish to be secure, such as banking, into the KeePass database and allow KeePass to generate for me a more secure password: long and random. Since it uses the same encryption that the banks are using, I figure anyone that can hack it (so far there aren't any...) probably has bigger targets than a single person's accounts. Also, I don't keep it on my computer, so they kinda would need the USB drive that it is on before they could do anything with it.
Bonus (for me): the Portable Apps Suite includes a backup utility that I have used to make a zip file of the files on my USB drive, in case I lose the sucker...
--Oh, Zed, I almost forgot: I hadn't used *this* browser since changing my password, so of course the cookie didn't agree with the database. It's not that I'm trying to be a pain, I'm just trying to be thorough, but the same error showed up.
Lest you think that all I do is gripe gripe gripe though, let me suck up say how much I appreciate the time, effort, and money that you and Guru have put into this place. This is the best community on the web anywhere. Thank you.
*looks up*
Geez, I talk to much... | ALL ORIGINAL POSTS IN THIS THREAD ARE NOW AVAILABLE |
| | | | | | | |