Jump to content

Change Your Password!


Recommended Posts

This should go without saying, but follow these steps:a.) change your passwordb.) go to any other site where you might use the same username and password combination and change your passwordc.) google your username, and try to access any protected site that may be associated with your search result - change your passwordd.) when logging into other site where you use the same username and password combination, reduce or remove personal information and use consistent information - ie. a free email service accountIf this is your first time being hacked - you MUST follow these steps to protect yourself. If you've been hacked before, then this should (as I mentioned) goes without saying.If anyone else has anything else to add - please feel free to chime in. This will be a sticky until August 15 - take note.NOTE: once a target always a target - we are not out of the water (in my eyes)Did I mention?CHANGE YOUR PASSWORD

Link to post
Share on other sites

It wasn't us who were hacked for us to change the passwords. IPB uses password encryption so even if the hackers got aload of the SQL database, they wouldn't know the passwords unless they really wanted to hack into some member's account after looong decryption.Besides, as far as I understood from aspnetguy's forum, the flaw they used to hack the forum is about the forgotten password thing. It allowed them to create their own passwords without knowing the password of the admin's account, allowing themselves admin access to the forum. But even with this admin rights, they are not allowed to view passwords. They are allowed to change account passwords without notifications, thus blocking them, but even then, they don't know our old ones.Nevertheless, it's good to change passwords if you could. What I'm saying is that it's not needed in this case.

Link to post
Share on other sites

As a moderator, I feel oblidged to advise members appropriate steps to protect themselves. It, obviously, is up to each individual to decide what they want to do.Personally, I'd rather error on the side of safety from my experience.

Link to post
Share on other sites

Just to note I have found more listed exploits on their site. So it is unclear which one they used, although most were just variations of cookie spoofing, changing passwords would be a good idea just in case.

Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
×
×
  • Create New...