Server Help Forum Index Server Help
Community forums for Subgame, ASSS, and bots
 
 FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups   StatisticsStatistics   RegisterRegister 
 ProfileProfile   Login to check your private messagesLogin to check your private messages   LoginLogin (SSL) 

Server Help | ASSS Wiki (0) | Shanky.com
Change your password (or at least refresh it)

 
Post new topic   This topic is locked you cannot edit posts or make replies Printable version
 View previous topic  Power supply went *POP* Post :: Post Network outages explained  View next topic  
Author Message
Mine GO BOOM
Hunch Hunch
What What
Hunch Hunch<br>What What


Age:40
Gender:Gender:Male
Joined: Aug 01 2002
Posts: 3614
Location: Las Vegas
Offline

PostPosted: Fri Feb 22, 2008 4:41 pm    Post subject: Change your password (or at least refresh it) This topic is locked you cannot edit posts or make replies Reply with quote

With some other sites I frequent having issues with people grabbing the database and then attacking the password, I figured it would be time to upgrade php's password method from being a simple unsalted hash to a bit more secure (aka, salted) to protect against simple rainbow attacks.

But to do that, people need to either change or refresh their password by going to Profile and editing their profiles.

Now is also a good time to remind people that the site does support SSL. If you don't want to browse the website with SSL, I'd recommend using Use HTTPS only on login which will have the server redirect everything to normal HTTP as soon as possible. This will still allow you to login via the SSL link at the top, so your password will not be sent over plaintext. But this does require you to login via clicking the HTTPS link. As a reminder for this, on the login page it will notify you when you login via the unsecure login page.

In a few weeks, I'll send personal reminders to those that have no updated their passwords to be the new system.

REMEMBER - I can only protect your account as much as possible from the server side. If you choose a weak password like '12345' that is your own fault. I can only protect you so far as to make it very difficult to crack your password, not to protect against brute forcing or simply guesses.
Back to top
View users profile Send private message Add User to Ignore List Send email
Display posts from previous:   
Post new topic   This topic is locked you cannot edit posts or make replies    Server Help Forum Index -> Announcements All times are GMT - 5 Hours
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You can reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You can attach files in this forum
You can download files in this forum
View online users | View Statistics | View Ignored List


Software by php BB © php BB Group
Server Load: 679 page(s) served in previous 5 minutes.

phpBB Created this page in 0.417242 seconds : 25 queries executed (94.8%): GZIP compression disabled