Attention - Password and Security Update - 2004 to 2016 Mazda 3 Forum and Mazdaspeed 3 Forums
User Tag List

 1Likes
  • 1 Post By AG_admin
 
LinkBack Thread Tools Display Modes
post #1 of 7 (permalink) Old 06-14-2016, 10:46 AM Thread Starter
AG_admin
Administrator
Points: 8,095, Level: 60
Points: 8,095, Level: 60 Points: 8,095, Level: 60 Points: 8,095, Level: 60
Activity: 7%
Activity: 7% Activity: 7% Activity: 7%
 
AG_admin's Avatar
 
Join Date: Jul 2010
Posts: 279
Thanks: 2
Thanked 78 Times in 46 Posts
Mentioned: 17 Post(s)
Tagged: 0 Thread(s)
   
Garage
Attention - Password and Security Update

Hello all,

Over the next few days we will be implementing some changes to our forum password strength and password expiration policies. To make sure you continue having the best experience possible on the community, we regularly monitor the site and the Internet to keep everyone's account information safe. We've recently become aware of a potential risk to some accounts coming from outside of this community. Just to be safe, we are implementing the following changes to improve security even further:

1) We are asking everyone to change their passwords (and will force a one time reset). Along with every user on the forum, new passwords will need to be more complex, and can't be simple words (sorry, you can't have "fluffy" as your password anymore!). Please use a password unique to this community. Reusing passwords can expose your account indirectly when other websites (Twitter, Linkedin, Badoo, etc) are compromised; and

2) Your passwords will expire on a 365 day basis. When you login on the 366th day, you will have to change it.

We'll also be sending out an email to users to let them know about the changes, in upcoming weeks.

Thanks all,

Helena

Community Management


To view links or images in signatures your post count must be 10 or greater. You currently have 0 posts.
AG_admin is offline  
The Following User Says Thank You to AG_admin For This Useful Post:
mozsert (06-15-2016)
Sponsored Links
Advertisement
 
post #2 of 7 (permalink) Old 06-14-2016, 10:54 AM
CuteHornyUnicorn
Horses!
Points: 1,653, Level: 23
Points: 1,653, Level: 23 Points: 1,653, Level: 23 Points: 1,653, Level: 23
Activity: 20%
Activity: 20% Activity: 20% Activity: 20%
 
CuteHornyUnicorn's Avatar
 
Join Date: May 2016
Location: Cornwall, England
Posts: 76
Thanks: 0
Thanked 9 Times in 6 Posts
Mentioned: 1 Post(s)
Tagged: 0 Thread(s)
 
Garage
forcing password change every year is a bit excessive, isn't it?
especially considering that we are a rather small, specialized forum, so we don't face any serious threats from hackers. worst case - some kids using a 0day exploit on our forum script, and this is highly unlikely.

Necessity is not an established fact, but an interpretation.
[F. Nietzsche]
CuteHornyUnicorn is offline  
post #3 of 7 (permalink) Old 06-14-2016, 02:44 PM Thread Starter
AG_admin
Administrator
Points: 8,095, Level: 60
Points: 8,095, Level: 60 Points: 8,095, Level: 60 Points: 8,095, Level: 60
Activity: 7%
Activity: 7% Activity: 7% Activity: 7%
 
AG_admin's Avatar
 
Join Date: Jul 2010
Posts: 279
Thanks: 2
Thanked 78 Times in 46 Posts
Mentioned: 17 Post(s)
Tagged: 0 Thread(s)
   
Garage
Hey there,

We're just trying to be proactive about the situation as we take your security very seriously.

Dayle
mozsert likes this.


To view links or images in signatures your post count must be 10 or greater. You currently have 0 posts.
AG_admin is offline  
post #4 of 7 (permalink) Old 06-17-2016, 05:00 PM
saimin
Junior Member
Points: 892, Level: 15
Points: 892, Level: 15 Points: 892, Level: 15 Points: 892, Level: 15
Activity: 0%
Activity: 0% Activity: 0% Activity: 0%
 
Join Date: Mar 2016
Location: Silicon Valley, CA
Posts: 15
Thanks: 3
Thanked 0 Times in 0 Posts
Mentioned: 0 Post(s)
Tagged: 0 Thread(s)
 
Yes, I was wondering if you might be going a bit overboard too. The complexity you're asking for is similar to what I use for financial accounts. But what's at risk here? Spam on a message forum?
saimin is offline  
post #5 of 7 (permalink) Old 06-17-2016, 09:42 PM
AD13
ch ch ch chia
Points: 4,426, Level: 42
Points: 4,426, Level: 42 Points: 4,426, Level: 42 Points: 4,426, Level: 42
Activity: 0%
Activity: 0% Activity: 0% Activity: 0%
 
AD13's Avatar
 
Join Date: Dec 2013
Location: Kelowna, Canada
Posts: 502
Thanks: 211
Thanked 141 Times in 97 Posts
Mentioned: 10 Post(s)
Tagged: 0 Thread(s)
     
Garage
Sheesh, people like to complain about everything. Some users will have the same password for multiple sites and since your email is linked to your account, it could easily be compromised. And the spam on here is annoying af.
AD13 is offline  
post #6 of 7 (permalink) Old 06-17-2016, 09:44 PM
kpatz
Senior Member
Points: 3,303, Level: 35
Points: 3,303, Level: 35 Points: 3,303, Level: 35 Points: 3,303, Level: 35
Activity: 20%
Activity: 20% Activity: 20% Activity: 20%
 
Join Date: Nov 2013
Posts: 143
Thanks: 6
Thanked 15 Times in 12 Posts
Mentioned: 1 Post(s)
Tagged: 0 Thread(s)
 
Quote:
Originally Posted by AG_admin View Post
...We've recently become aware of a potential risk to some accounts coming from outside of this community. Just to be safe, we are implementing the following changes to improve security even further...
Do you have more information about this potential risk? I've received this email from 2 forums already, so it seems to be the "trend" lately... and the text is the same. As an administrator of a forum myself, I'd like to know. You can send or PM me a link to the info if you have it. Thanks.

As for the new policy, it's always a good idea to use different passwords on each site, so that if one is breached, they can't easily use it to log in to other places, especially your bank accounts etc. But annual password expiration on a forum? Not sure I understand the benefit there. Maybe to ensure that different passwords are used per site?

EDIT: I found this site: https://www.leakedsource.com/ Put in your username or email and see what sites have been compromised/leaked...

2014 3i Sport, 6-speed Manual, Jet Black Mica

Last edited by kpatz; 06-17-2016 at 10:18 PM.
kpatz is offline  
post #7 of 7 (permalink) Old 06-20-2016, 03:57 PM Thread Starter
AG_admin
Administrator
Points: 8,095, Level: 60
Points: 8,095, Level: 60 Points: 8,095, Level: 60 Points: 8,095, Level: 60
Activity: 7%
Activity: 7% Activity: 7% Activity: 7%
 
AG_admin's Avatar
 
Join Date: Jul 2010
Posts: 279
Thanks: 2
Thanked 78 Times in 46 Posts
Mentioned: 17 Post(s)
Tagged: 0 Thread(s)
   
Garage
Hey guys,

I understand your concerns with this sudden, and seemingly aggressive change.

The article fails to mention that the breach was for a third party plugin.
This breach is on countless sites across the internet and not just limited to ours.

Their system was compromised and they grabbed user data for us and thousands of others.
We cleared our part of the breach and went this route to further security.
This is also in place as many members on the internet use the same or similar passwords across all things they use.

Hackers who have access to these accounts, may be able to access other platforms where the same email and/or passwords are used.
Other platforms have been compromised as well, including Twitter, Linkedin etc. We are just trying to get ahead of this, and nip it in the bud as soon as possible.

We cannot go into detail at the moment as it is being dealt with on a legal level.

If there are any other questions/concerns/feedback, please feel free to post them here.

Thank you for your patience and understanding,

~ Glenda


To view links or images in signatures your post count must be 10 or greater. You currently have 0 posts.
AG_admin is offline  
Sponsored Links
Advertisement
 
Reply

Tags
attention , password , security , update

Quick Reply
Message:
Options

Register Now



In order to be able to post messages on the 2004 to 2016 Mazda 3 Forum and Mazdaspeed 3 Forums forums, you must first register.
Please enter your desired user name, your email address and other required details in the form below.

User Name:
Password
Please enter a password for your user account. Note that passwords are case-sensitive.

Password:


Confirm Password:
Email Address
Please enter a valid email address for yourself.

Email Address:
OR

Log-in









Human Verification

In order to verify that you are a human and not a spam bot, please enter the answer into the following box below based on the instructions contained in the graphic.



Thread Tools
Show Printable Version Show Printable Version
Email this Page Email this Page
Display Modes
Linear Mode Linear Mode



Posting Rules  
You may post new threads
You may post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On

 
For the best viewing experience please update your browser to Google Chrome