Home Page Forums StayLDS Board Discussion [Moderators and Admins Only] Caution: people losing usernames and passwords

  • This topic is empty.
Viewing 8 posts - 1 through 8 (of 8 total)
  • Author
    Posts
  • January 20, 2012 at 1:36 pm #206404
    Anonymous
    Guest

    It may just be an odd coincidence, but I’ve received 4 or 5 requests in the past few days from people having trouble with their login information. They are claiming they find the message “too many login attempts” and have to try and answer the CAPTCHA question again. We had a rash of that a while back when there was a favorite bot-assisted hacking program being used by malicious folk to gain access to PHP forums. I’ve had some concerns about resetting a password for someone and responding via email to them. It seems like a way for a hacker to gain access. On the other hand, it would be far easier to just register an account and Google the answers to the questions we ask about Mormonism in the security section. That would be far less effort than trying to hack a user’s account. So I don’t know exactly what is going on.

    Two main things:

    1. Let me handle it if anyone contacts you to reset their password or alter their account. It isn’t that you guys can’t do it, but it will be easier to see a pattern if it all goes through one person who sees all the requests.

    2. Be a little extra watchful for a little while. We are maybe being targeted.

    Thanks!

    January 20, 2012 at 1:49 pm #249443
    Anonymous
    Guest

    One other tidbit, a couple folks tried sending me a private message too but it said nothing, or they deleted it before I read it. I know they sent it though because I got an email notice. It was kind of curious in conjunction with the direct emails to me asking for help with user names and passwords.

    January 20, 2012 at 4:03 pm #249444
    Anonymous
    Guest

    I also got a deleted private message – and the “quote” option in the toolbar seems to be getting wonky today (and maybe yesterday).

    I have no idea what that means, but . . .

    January 20, 2012 at 4:12 pm #249445
    Anonymous
    Guest

    I am worried the deleted private message thing is a way of fishing for email addresses of people with admin access or something like that. Do you remember who sent you the PM? Mine was from the user “On Own Now.” I think all it said was “hello.”

    January 20, 2012 at 4:16 pm #249446
    Anonymous
    Guest

    I may look into updating the phpBB software on the server this weekend. It can be a pain sometimes and time consuming, so I slacked off a bit. We are on 3.0.8 and the most current version is 3.0.10. Running an old version might be attracting hackers who think there is a security flaw they can exploit.

    January 20, 2012 at 7:13 pm #249447
    Anonymous
    Guest

    My PM also was from “On Own Now” – and the title simply said “Deleted”.

    January 21, 2012 at 5:02 am #249448
    Anonymous
    Guest

    My PM was deleted also from “On My Own” – it was blank and the title simply said Deleted

    I almost replied back asking if they needed something but deleted the message, but then decided not to because they can send again if needed. I thought it was weird.

    January 21, 2012 at 5:21 am #249449
    Anonymous
    Guest

    Mine was exactly the same too.

  • Author
    Posts
Viewing 8 posts - 1 through 8 (of 8 total)
  • You must be logged in to reply to this topic.