Password Vulnerability Fix - Blizzard Sector - Diablo 3, Starcraft II, WoW, Diablo 2, Trading, Downloads, Editors, Items, Forums

Password Vulnerability Fix

08-30-2008, 02:33 AM

Join Date: Mar 2003

Posts: 4,937

Location: Australia

Spitfire

Founder

Offline

Password Vulnerability Fix - Posted: 08-30-2008

All users that have made their account here with Vulnerable passwords (i.e. password same as their user name) have had their passwords reset and sent the following email. If you are one of these people and are having issues please reply here.

Quote:

Dear XXXX,

A vulnerability has been found with your password at Blizzard Sector. Some passwords are vulnerable to exploitation which may allow a third party to hijack your account.

This may lead to your account being used without your knowledge or permission, and actions being performed under your name.

Vulnerable accounts can also be bad for the board as a whole as they may enable access for automated tools to spam both the forums and other user accounts,
using your username.

As such we have had to reset your password.
You can find your new login details below.

Username: XXXX
Password: XXXX

If you want to change your password, login with the above details at the following location:
http://www.blizzsector.net/profile.php?do=editpassword

We apologize for any inconvenience this may cause and appreciate your understanding.

All the best,
Blizzard Sector

Sponsored Links

08-30-2008, 03:51 AM

Join Date: Oct 2005

Posts: 2,647

Location: calgary

~~Mathalamus~~

Banned

Offline

Mathalamus will become famous soon enough


	good thinking spitfire, that should remind people to use stronger passwords

08-30-2008, 05:06 AM

Join Date: Aug 2005

Posts: 3,108

Location: Amittyville

Blue

Too Good To Be True

Offline


	I bet Pam got the message. Edit: Yes, I did just go out away to poke fun at you, reminds you of someone, doesn't it? East SC Ladder. Level 94 Godly Hdin. Level 86 Uber Smiter. Free rushes and organ/torch runs for any BZS member of over 100 posts.

08-30-2008, 10:57 PM

Join Date: Jan 2004

Posts: 2,026

Location: Aloft in a balloon of cheese.

Nethran

Attempter of Things

Offline

Quote:

Originally Posted by Spitfire

Dear XXXX,

<snip>

As such we have had to reset your password.
You can find your new login details below.

Username: XXXX
Password: XXXX

You reset that guys password to the same thing as his username? That doesn't seem very secure.

I'm not stupid, I was making a joke.

08-30-2008, 11:29 PM

Join Date: Aug 2005

Posts: 3,108

Location: Amittyville

Blue

Too Good To Be True

Offline

Quote:

Originally Posted by Kellard

You reset that guys password to the same thing as his username? That doesn't seem very secure.

I'm not stupid, I was making a joke.

You misunderstood.
The four star thingy was just showing you an example.
What it probably would look like is this
Account = Exmp
Pass = 7653

East SC Ladder. Level 94 Godly Hdin. Level 86 Uber Smiter. Free rushes and organ/torch runs for any BZS member of over 100 posts.

08-31-2008, 02:28 AM

Join Date: Jan 2004

Posts: 2,026

Location: Aloft in a balloon of cheese.

Nethran

Attempter of Things

Offline


	Har har har! I gots me one! Highlight the text under my statement.

08-31-2008, 05:28 AM

Join Date: Aug 2005

Posts: 3,108

Location: Amittyville

Blue

Too Good To Be True

Offline

Quote:

Originally Posted by Kellard

Har har har! I gots me one! Highlight the text under my statement.

Now I'm confused.
What?

East SC Ladder. Level 94 Godly Hdin. Level 86 Uber Smiter. Free rushes and organ/torch runs for any BZS member of over 100 posts.

08-31-2008, 06:04 AM

Join Date: Apr 2004

Posts: 4,603

Location: Georgia

Fuggle

Viva La Revolucion!

Offline

Highlight his first post, you'll see words appear like magic.

Nobody can handle the leetness of this sig.

Quote:

Who loves orange soda?
Kel'thuzad loves orange soda!
Is it true?
YOUR CURIOSITY WILL BE THE DEATH OF YOU!

08-31-2008, 07:44 AM

Join Date: Aug 2005

Posts: 3,108

Location: Amittyville

Blue

Too Good To Be True

Offline


	ohhh... I was highlighting up and down after he said that, and I didnt see a damn thing. East SC Ladder. Level 94 Godly Hdin. Level 86 Uber Smiter. Free rushes and organ/torch runs for any BZS member of over 100 posts.

#10

08-31-2008, 08:04 AM

Join Date: Jun 2005

Posts: 866

Location: South Australia

Skye

Spit's Bxtch

Offline


	I should say something... but I won't. Good idea Luke. Free stuff ;) -> http://www.gamesites200.com/diablo/in.php?id=682

#11

08-31-2008, 09:37 AM

Join Date: Oct 2005

Posts: 2,647

Location: calgary

~~Mathalamus~~

Banned

Offline


	my password is a generic one...at least for me. all critical accounts (such as MSN) has a harder password. but most of my accounts has the same pass as blizzsector. hmm... gotta change the facebook password.

#12

08-31-2008, 09:40 AM

Join Date: Jan 2004

Posts: 2,026

Location: Aloft in a balloon of cheese.

Nethran

Attempter of Things

Offline


	I use the same unlikely password for this as I do for virtually everything in my life.

#13

09-01-2008, 12:43 AM

Join Date: Oct 2005

Posts: 2,647

Location: calgary

~~Mathalamus~~

Banned

Offline


	sometimes the best password is obvious. but most times its dangerous. (some people have a hard time finding the obvious)

#14

09-01-2008, 08:39 AM

Join Date: Mar 2003

Posts: 4,937

Location: Australia

Spitfire

Founder

Offline


	Obvious passwords such as user name and password the same are easy for people to hack. Simply setup a brute force bot that tries every username on a forum entering in the username as the password.