HTOTM: FUSION
Original Post
Password expirations and compromised accounts
Hello,

Users are now required to change their passwords every 365 days (I believe the technical term for this is a "year"). This is for your own protection; good account security involves regularly changing your password. If you receive a notice that your password has expired, please change it to something new.

On a related note, if you received a notice saying your account was logged into from Germany and you got banned, your account was compromised and banned for its own security (The related breach has since been neutralized). Please follow the instructions and contact [email protected] to recover your account (And again, please change to a different password). See this thread for additional information.

Thanks,
The Management

ADDENDUM:
Chozo says,
Any further posts that appear to be flaunting how they have shit password security and how they're awesome for not getting hacked even with such idiotic practices will get their accounts suspended because there's a high probability that your accounts will end up getting hacked and generate extra work for us anyways.

Seriously, it's not a positive thing to be retarded at keeping your account safe.

ADDENDUM:
suomynona says,
Read the entire thread before posting.

I will ban anyone who obviously didn't. Thank you.
Last edited by suomynona; Jul 30, 2011 at 06:25 PM.

"i wish i could do that ken watanabe face where his eyes are really wide" -siku 2015
DONSELUKE, MASTER OF LAWSUIT
if you love america please sign this petition
B&B&B&
Originally Posted by suomynona View Post
Request denied. Now you get a new one.

Fucking upgrade.
<Crooked> I'd say spartan, cause if he's tough enough to digest ungodly amounts of alcohol he clearly has the best body
How are the passwords getting hacked? Are the toribash forums, somehow getting compromised and passwords being given out for free, or is it the more likely idiots are signing into phishing scams?
Originally Posted by isaac View Post
How are the passwords getting hacked? Are the toribash forums, somehow getting compromised and passwords being given out for free, or is it the more likely idiots are signing into phishing scams?

Exactly, No one's getting hacked.
All hail the staff and the good job they do keeping us safe.
Originally Posted by isaac View Post
How are the passwords getting hacked? Are the toribash forums, somehow getting compromised and passwords being given out for free, or is it the more likely idiots are signing into phishing scams?

The staff can't release information about this but I'd guess that it is someone who managed to hack it (there are ways if you try hard enough) or it was people being caught by the login_tb.dat or general phishing.
Originally Posted by JayStar View Post
Exactly, No one's getting hacked.

Besides the 8,000 people who weren't smart enough to change their passwords for a full 2 years.

(Read as: Shut the fuck up, you clearly have no idea what you're talking about.)

"i wish i could do that ken watanabe face where his eyes are really wide" -siku 2015
DONSELUKE, MASTER OF LAWSUIT
if you love america please sign this petition
B&B&B&
Pissy, all I'm saying is I wouldn't call it hacking, more like people trusting the wrong people with their password. I challenge someone to figure out my password.
Originally Posted by JayStar View Post
Pissy, all I'm saying is I wouldn't call it hacking, more like people trusting the wrong people with their password. I challenge someone to figure out my password.

No, people actually went and hacked the forum and got access to a list of passwords from a few years ago.

Therefore, if you didn't change your password in those few years, you got your account stolen.

The internet is not 100% safe at all times even if you don't give away your password through chat with someone else.
Originally Posted by isaac View Post
How are the passwords getting hacked? Are the toribash forums, somehow getting compromised and passwords being given out for free, or is it the more likely idiots are signing into phishing scams?

Give us some credit, we know how security works, all the passwords we store are quite secure I can assure you, and if stolen wouldn't be of any use to the thief since they are salted, it's the basics of any good security and we often think of ways to improve it as well.

Passwords are being stolen because people are stupid, mostly they are either going to phishing sites, use duplicate passwords for other, less secure sites, give their password out or god forbid have a sibling and haven't learnt proper security measures. In minor cases there are ways to exploit the Toribash runtime to get someone's password but they are far from common and suggestions have been posted to fix them.

Originally Posted by JayStar View Post
Fair enough, I like the way you said it.

It's nice that you can be swayed by the way someone says things, honestly we don't give a flying pig sex if you agree with us or not, and arguing over the definition of 'hack' is just redundant, you should know what we mean. It would also be to everyone's benefit to avoid arguments in the News section.



In short this is the new policy, users are the reason users are getting thier accounts stolen, deal with it.
Last edited by Vox; Jul 29, 2011 at 11:08 AM.