Attempted hack?
You exceeded the maximum allowed number of login attempts. In addition to your username and password you now also have to solve the CAPTCHA below.
This is what I was greeted with when logging in today. I can only surmise that someone has repeatedly tried to access my account. How else would this built-in security function have been "tripped"?
I assume, Big Orange, that you have no way of discovering the villain's identity?
Unmasked or not however, I'd like to extend a very derisive FUCK YOU to the perpetrator.
Sincerely,
Me
This is what I was greeted with when logging in today. I can only surmise that someone has repeatedly tried to access my account. How else would this built-in security function have been "tripped"?
I assume, Big Orange, that you have no way of discovering the villain's identity?
Unmasked or not however, I'd like to extend a very derisive FUCK YOU to the perpetrator.
Sincerely,
Me
There's only one rule in street and bar fights: maximum violence, instantly. (Martin Amis, "Money")
-
- Moderator
- Posts: 7963
- Joined: Sun Dec 07, 2008 4:53 pm
- antispam: no
- Location: this hill-shadowed city/of razors and knives.
- Contact:
I had this last night.
Rosencrantz: What are you playing at? Guildenstern: Words. Words. They're all we have to go on.
___________________________
Antiphon - www.antiphon.org.uk
___________________________
Antiphon - www.antiphon.org.uk
Has anyone else experienced this? I'd like to know if people outside of the admin/mod/former mod circle has been affected.
That suspicion aside, because it wasn't isolated (you two had it happen as well), the likelihood that it's related to some sort of update is more likely. But we'll see I guess.
That suspicion aside, because it wasn't isolated (you two had it happen as well), the likelihood that it's related to some sort of update is more likely. But we'll see I guess.
There's only one rule in street and bar fights: maximum violence, instantly. (Martin Amis, "Money")
Oh, and just to be safe, I'd advise changing your current passwords, even if you think they're sturdy enough. Strictly speaking, if attempts were made to hack your accounts, the person or persons responsible now have more information than they did prior to making the attempts; i.e., they know what your passwords AREN'T. It's a small mathematical edge you can give yourselves. Reset them back to zero. Assuming of course, that "they" exist. But better safe than sorry.
There's only one rule in street and bar fights: maximum violence, instantly. (Martin Amis, "Money")
I could change my password, but ... I can't see what advantage anyone would gain by hacking into my PG account. Perhaps that's just my ignorance showing. They could pretend to be me, but how long could they plausibly keep that up for? Even I find it hard work.
Of course I suppose they could change my password, which would be an enormous pain.
Of course I suppose they could change my password, which would be an enormous pain.
They could change your password, locking you out. You would lose your privacy (hacker would have immediate access to private correspondences). Your post history would be in jeopardy (hacker could delete/edit posts). And because you're a mod, everyone else would be at risk of altered/deleted posts as well.
There's only one rule in street and bar fights: maximum violence, instantly. (Martin Amis, "Money")
I have investigated -
phpbb support forum says:
"This is not a new occurrence, it may just now happening to you.
It is happening world wide and not just to phpBB, and it's not version specific.
Hackers/spammers are trying to 'brute force' passwords"
They recommend people use strong passwords so perhaps it's time to change them!
phpbb support forum says:
"This is not a new occurrence, it may just now happening to you.
It is happening world wide and not just to phpBB, and it's not version specific.
Hackers/spammers are trying to 'brute force' passwords"
They recommend people use strong passwords so perhaps it's time to change them!
-
- Perspicacious Poster
- Posts: 7435
- Joined: Wed Apr 23, 2008 10:23 am
This happened to me just now.It asked me for my favourite animal then told me that the answer was chicken. I suspect fowl play.
I'm out of faith and in my cups
I contemplate such bitter stuff.
I contemplate such bitter stuff.
-
- Preternatural Poster
- Posts: 1701
- Joined: Wed Nov 12, 2008 10:32 am
- antispam: no
- Location: New Forest, UK
- Contact:
Same here, damn spammers. Mind you I think they got in it explains that last poem from Ray
- twoleftfeet
- Perspicacious Poster
- Posts: 6761
- Joined: Wed Dec 07, 2005 4:02 pm
- Location: Standing by a short pier, looking for a long run-up
David,David wrote:I could change my password, but ... I can't see what advantage anyone would gain by hacking into my PG account. Perhaps that's just my ignorance showing. They could pretend to be me, but how long could they plausibly keep that up for? Even I find it hard work.
Of course I suppose they could change my password, which would be an enormous pain.
Have a read of this:
http://lifehacker.com/#!5505400/how-id- ... -passwords
Many people use the same password for more than one site, and don't have a strong password for their Email a/c either.
If they get into your Email you could be in deep merde if there are personal and financial details to be had.
Instead of just sitting on the fence - why not stand in the middle of the road?
Just for reassurance - I have read this and made sure all the preventative measures have been taken.
http://www.phpbb.com/community/viewtopic.php?t=1947925
I'm not sure what else to do. I may go through the new members and delete those who haven't posted anything.
I think it would be a good idea for people to change their passwords even though I know it is a pain.
http://www.phpbb.com/community/viewtopic.php?t=1947925
I'm not sure what else to do. I may go through the new members and delete those who haven't posted anything.
I think it would be a good idea for people to change their passwords even though I know it is a pain.
-
- Preternatural Poster
- Posts: 1701
- Joined: Wed Nov 12, 2008 10:32 am
- antispam: no
- Location: New Forest, UK
- Contact:
Have you banned the IP address range that attacks are coming from?
I have looked at it but it's prving pretty difficult to establish where it's coming from.BenJohnson wrote:Have you banned the IP address range that attacks are coming from?
See
http://www.phpbb.com/community/viewtopi ... &t=2116469
I think the key is your passwords - make sure they are complex. I do change the CAPTCHA regularly but if it gets too difficult real people can't read it which is frustrating.
The whole thing is very annoying but no forum security seems to have been breached so far.
This has happened to me too.
Did the bit where you change your password always say:
Password must be between 6 and 30 characters long, must contain letters in mixed case and must contain numbers.
because my old one didn't. I've just changed it to include this and it all seems to be fine now.
Did the bit where you change your password always say:
Password must be between 6 and 30 characters long, must contain letters in mixed case and must contain numbers.
because my old one didn't. I've just changed it to include this and it all seems to be fine now.
- twoleftfeet
- Perspicacious Poster
- Posts: 6761
- Joined: Wed Dec 07, 2005 4:02 pm
- Location: Standing by a short pier, looking for a long run-up
Sounds good to me, especially the "not used for anything else" part.David wrote:Yes, I just got it again too. My PG password is (a) pretty obscure and (b) not used for anything else, so I (hopefully) shouldn't be too much at risk.
I really don't think there's anything to worry about when the hacker only gets 3 attempts before being blocked!
Mind you, having read that article about passwords I won't be using a 6 character password anytime soon - more like 16!
EDIT: The articles gone! Maybe the site was hacked?
Instead of just sitting on the fence - why not stand in the middle of the road?