Password Vulnerability Fix [Archive] - Blizzard Sector

View Full Version : Password Vulnerability Fix

Spitfire

08-30-2008, 02:33 AM

All users that have made their account here with Vulnerable passwords (i.e. password same as their user name) have had their passwords reset and sent the following email. If you are one of these people and are having issues please reply here.

Dear XXXX,

A vulnerability has been found with your password at Blizzard Sector. Some passwords are vulnerable to exploitation which may allow a third party to hijack your account.

This may lead to your account being used without your knowledge or permission, and actions being performed under your name.

Vulnerable accounts can also be bad for the board as a whole as they may enable access for automated tools to spam both the forums and other user accounts,
using your username.

As such we have had to reset your password.
You can find your new login details below.

Username: XXXX
Password: XXXX

If you want to change your password, login with the above details at the following location:
http://www.blizzsector.net/profile.php?do=editpassword

We apologize for any inconvenience this may cause and appreciate your understanding.

All the best,
Blizzard Sector

Mathalamus

08-30-2008, 03:51 AM

good thinking spitfire, that should remind people to use stronger passwords

Blue

08-30-2008, 05:06 AM

I bet Pam got the message.

Edit: Yes, I did just go out away to poke fun at you, reminds you of someone, doesn't it?

Nethran

08-30-2008, 10:57 PM

Dear XXXX,

<snip>

As such we have had to reset your password.
You can find your new login details below.

Username: XXXX
Password: XXXX

You reset that guys password to the same thing as his username? That doesn't seem very secure.

I'm not stupid, I was making a joke.

Blue

08-30-2008, 11:29 PM

You reset that guys password to the same thing as his username? That doesn't seem very secure.

I'm not stupid, I was making a joke.

You misunderstood.
The four star thingy was just showing you an example.
What it probably would look like is this
Account = Exmp
Pass = 7653

Nethran

08-31-2008, 02:28 AM

Har har har! I gots me one! Highlight the text under my statement.

Blue

08-31-2008, 05:28 AM

Har har har! I gots me one! Highlight the text under my statement.

Now I'm confused.
What?

Fuggle

08-31-2008, 06:04 AM

Highlight his first post, you'll see words appear like magic.

Blue

08-31-2008, 07:44 AM

ohhh... I was highlighting up and down after he said that, and I didnt see a damn thing.

Skye

08-31-2008, 08:04 AM

I should say something... but I won't.

Good idea Luke.

Mathalamus

08-31-2008, 09:37 AM

my password is a generic one...at least for me. all critical accounts (such as MSN) has a harder password. but most of my accounts has the same pass as blizzsector.

hmm... gotta change the facebook password.

Nethran

08-31-2008, 09:40 AM

I use the same unlikely password for this as I do for virtually everything in my life. :D

Mathalamus

09-01-2008, 12:43 AM

sometimes the best password is obvious. but most times its dangerous. (some people have a hard time finding the obvious)

Spitfire

09-01-2008, 08:39 AM

Obvious passwords such as user name and password the same are easy for people to hack. Simply setup a brute force bot that tries every username on a forum entering in the username as the password.

Skye

09-01-2008, 08:51 AM

You heard the boss.

Mathalamus

09-01-2008, 09:41 PM

mine is a diffrent kind of obvious.