PLEASE READ: Forum/site password strength

Anything and everything that's related to OGRE or the wider graphics field that doesn't fit into the other forums.
Locked
User avatar
xavier
OGRE Retired Moderator
OGRE Retired Moderator
Posts: 9481
Joined: Fri Feb 18, 2005 2:03 am
Location: Dublin, CA, US
x 22

PLEASE READ: Forum/site password strength

Post by xavier »

Hello Ogre users,

I've just had to go through and delete a bunch of posts by a particular user who likely had their account compromised; it appeared that a bot had edited a bunch of their posts from the past as well as posted a bunch of recent garbage, plus also changed their account profile information (email address, sig, etc.).

For your sake and the sake of the Ogre site and forums, please make sure you are not using trivial passwords for your Ogre site and forum accounts (for instance, using your username as your password, or using simple dictionary words for passwords).

This sort of attack is easily thwarted with a little bit of diligence on the part of the community, so we thank you in advance for your cooperation! :)

Xavier
Trosan
Greenskin
Posts: 101
Joined: Sun Jun 10, 2007 4:57 pm
x 1

Post by Trosan »

Any plans for PHPBB 3 ? :o
User avatar
haffax
OGRE Retired Moderator
OGRE Retired Moderator
Posts: 4823
Joined: Fri Jun 18, 2004 1:40 pm
Location: Berlin, Germany
x 7
Contact:

Post by haffax »

Trosan wrote:Any plans for PHPBB 3 ? :o
How does this solve the issue?
team-pantheon programmer
creators of Rastullahs Lockenpracht
User avatar
SpaceDude
Bronze Sponsor
Bronze Sponsor
Posts: 822
Joined: Thu Feb 02, 2006 1:49 pm
Location: Nottingham, UK
x 3
Contact:

Post by SpaceDude »

If, like me, you don't fancy remembering 100 different passwords for different websites you can use something like KeePass ( http://keepass.info/ ) to store all your passwords in a database with 1 master password to unlock it.
User avatar
nullsquared
Old One
Posts: 3245
Joined: Tue Apr 24, 2007 8:23 pm
Location: NY, NY, USA
x 11

Post by nullsquared »

SpaceDude wrote:If, like me, you don't fancy remembering 100 different passwords for different websites you can use something like KeePass ( http://keepass.info/ ) to store all your passwords in a database with 1 master password to unlock it.
Or, you know, just use Image

;)
User avatar
DanielSefton
Ogre Magi
Posts: 1235
Joined: Fri Oct 26, 2007 12:36 am
Location: Mountain View, CA
x 10
Contact:

Post by DanielSefton »

I store my passwords in my PDA. Got about 250 of them, all random alphanumeric and at least 10 characters long. Not much chance of anyone guessing mine. :roll:
Any plans for PHPBB 3 ?
This really should be considered soon. There are tonnes of security flaws in phpBB2, and bots attack it all the time. phpBB3 is a lot more secure and literally bot-free. 8)

phpBB2 has completely ceased development now. So if an exploit is found, it'll never be fixed.
User avatar
syedhs
Silver Sponsor
Silver Sponsor
Posts: 2703
Joined: Mon Aug 29, 2005 3:24 pm
Location: Kuala Lumpur, Malaysia
x 51

Post by syedhs »

nullsquared wrote:
SpaceDude wrote:If, like me, you don't fancy remembering 100 different passwords for different websites you can use something like KeePass ( http://keepass.info/ ) to store all your passwords in a database with 1 master password to unlock it.
Or, you know, just use Image

;)
Err in a few days from now, Firefox 3 will be officially released. :wink:
A willow deeply scarred, somebody's broken heart
And a washed-out dream
They follow the pattern of the wind, ya' see
Cause they got no place to be
That's why I'm starting with me
User avatar
danharibo
Minaton
Posts: 997
Joined: Sat Feb 25, 2006 8:14 pm
Location: Wales, United Kingdom
Contact:

Post by danharibo »

phpBB? pfft We use SMF :P
User avatar
DanielSefton
Ogre Magi
Posts: 1235
Joined: Fri Oct 26, 2007 12:36 am
Location: Mountain View, CA
x 10
Contact:

Post by DanielSefton »

danharibo wrote:phpBB? pfft We use SMF :P
Eww. :D

Don't get me wrong, SMF is a powerful piece of forum software. (Especially the modding system.) It just seems a bit too... Basic and unprofessional. But that's my opinion. 8)

I never liked phpBB2 either, but phpBB3 has come on leaps and bounds. It's truly flawless, and the revamped ACP is great to work with.
User avatar
nullsquared
Old One
Posts: 3245
Joined: Tue Apr 24, 2007 8:23 pm
Location: NY, NY, USA
x 11

Post by nullsquared »

syedhs wrote:
nullsquared wrote:
SpaceDude wrote:If, like me, you don't fancy remembering 100 different passwords for different websites you can use something like KeePass ( http://keepass.info/ ) to store all your passwords in a database with 1 master password to unlock it.
Or, you know, just use Image

;)
Err in a few days from now, Firefox 3 will be officially released. :wink:
Good point - I wanted to post the icon instead, but didn't find a suitable size, nor did I feel like manually resizing the gigantic vector-generated one I found on the internet. Have you pledged to the official FireFox Download Day on the 17th? I have :D
User avatar
Frenetic
Bugbear
Posts: 806
Joined: Fri Feb 03, 2006 7:08 am

Post by Frenetic »

nullsquared wrote:Have you pledged to the official FireFox Download Day on the 17th? I have :D
I probably will, even though I use Opera mostly. :P

One of the main reasons I support Firefox is because it is the anti-IE. As anyone who develops for the Web should know, IE isn't actually software, but an entity forged from pure evil.
User avatar
DanielSefton
Ogre Magi
Posts: 1235
Joined: Fri Oct 26, 2007 12:36 am
Location: Mountain View, CA
x 10
Contact:

Post by DanielSefton »

Frenetic wrote:One of the main reasons I support Firefox is because it is the anti-IE. As anyone who develops for the Web should know, IE isn't actually software, but an entity forged from pure evil.
You can say that again. :lol: IE7 was a massive improvement though. Still not perfect, but compared to IE6, it's like bliss. Oh goodness, the horrors. It took twice as long to get your site to work in both FireFox and IE6 than it did to actually create the website. :shock:
User avatar
SpaceDude
Bronze Sponsor
Bronze Sponsor
Posts: 822
Joined: Thu Feb 02, 2006 1:49 pm
Location: Nottingham, UK
x 3
Contact:

Post by SpaceDude »

Sure you can store passwords in firefox or other web browser. But there are several problems with this:

1- This is not very secure at all, they can be viewed by anyone with access to your computer through Tools -> Options -> Show Passwords...

2- You may want to remember passwords which are not linked with a particular website, e.g. password to MSN Messenger.

3- If you need to access your passwords from another computer or PDA there isn't an easy way to transfer them across.

4- It's quite easy to lose all your stored passwords by re-installing your web browser and forgetting to backup.
User avatar
nullsquared
Old One
Posts: 3245
Joined: Tue Apr 24, 2007 8:23 pm
Location: NY, NY, USA
x 11

Post by nullsquared »

SpaceDude wrote:Sure you can store passwords in firefox or other web browser. But there are several problems with this:

1- This is not very secure at all, they can be viewed by anyone with access to your computer through Tools -> Options -> Show Passwords...
... -> Show Passwords -> Enter Master Password -> ... -> Profit
2- You may want to remember passwords which are not linked with a particular website, e.g. password to MSN Messenger.
Fair point.
3- If you need to access your passwords from another computer or PDA there isn't an easy way to transfer them across.
Fair point.
4- It's quite easy to lose all your stored passwords by re-installing your web browser and forgetting to backup.
Rofl, I hard-rebooted and didn't close FireFox in the process - it reset to complete defaults, including the removal of all of my saved passwords :lol:
Locked