ALL Accounts Security Locked (1 Viewer)

woody

Staff member
Admin
Joined
Jan 15, 2002
Messages
10,342
Location
Toquerville UT
Website
www.TieRodMedia.com
It sucks, but it had to be done. And likely will need to be done periodically in the future too. Keep your email address on your account up to date.

ALL 150k+ accounts on the forum need to reset their password. That includes moderators, Vendors, everyone.

You may reset your password using the email address that is associated with your account. This email addy is the ONLY identifier that proves ownership of your account. If you no longer have access to that email address due to job/life changes, then you need to use the Contact Us form and let me know the email addy that IS on the account, AND the email addy you wish your account updated to. OLD and NEW. Telling me public info like your signature line and your build thread specs won't cut it.

The "Forgot your password?" link is located immediately below the Login box in the right column of the home forum page.

Password minimums have changed. Additional info on this can be found at:

BE SURE your new password exceeds the minimums outlined in the above thread. #ih8crappypasswords


ALSO...most email services have spam filters...and forum password reset emails are notoriously marked as SPAM. You may need to search your inbox/spam/junk folders. Or...for long term happiness, add IH8MUD.com to your email whitelist.

-------

If your password reset bombs out, it should still remove the Security Lock....and then the normal password reset should work fine. No Admin intervention required.

-------
As of Tuesday 2021-08-10 5:25pMDT, 9388 accounts have cleared the security lock and updated passwords :)
 
Last edited:

mmcinnis

Supporting Vendor
Joined
Oct 16, 2005
Messages
1,200
Location
Santa Rosa Bch. Florida
Visit site
Hey thanks, let me look back into how that is done.

IMG_7825.jpg
 

woody

Staff member
Admin
Joined
Jan 15, 2002
Messages
10,342
Location
Toquerville UT
Website
www.TieRodMedia.com
Was there a hack of IH8MUD? Was personal information compromised?
A few accounts have been accessed by scammers in recent weeks. I've implemented more security checks than I can count, and the issue happened again yesterday. Last resort is this forced password reset.

Expect this to happen a few times a year. Keep your email address up to date. Implement 2FA on your account.
 

woody

Staff member
Admin
Joined
Jan 15, 2002
Messages
10,342
Location
Toquerville UT
Website
www.TieRodMedia.com
According to the link I provided above, 8 characters ;)

 

TYM4FUN

SILVER Star
Joined
Aug 16, 2012
Messages
2,463
Location
🖕😁🖕
Visit site
According to the link I provided above, 8 characters ;)

Maximum not minimum. I am set now at 30, just took a handful of tries to get it. I usually start at 64 and was curious.
 

woody

Staff member
Admin
Joined
Jan 15, 2002
Messages
10,342
Location
Toquerville UT
Website
www.TieRodMedia.com
Maximum not minimum. I am set now at 30, just took a handful of tries to get it. I usually start at 64 and was curious.
oops....clearly I need to read better (dealing with a dozen+ "no longer have email access" messages right now....yay....)

Unsure on Max, I usually stick to 20-25 and change monthly...combined with 2FA.
 
Joined
Aug 12, 2011
Messages
4,834
Location
Sacramento, CA
Visit site
Maximum not minimum. I am set now at 30, just took a handful of tries to get it. I usually start at 64 and was curious.
64? Haha that's insane! Super long complex passwords don't really help much IMO. What matters is not using the same password across different accounts & services. You can have the most complex passwords in the world but as soon as that database is breached, your email, user ID and password are going up for sale. You can actually find forums where emails/user IDs and passwords are sold in bulk. Then it's just a mass attempt at using those passwords on a bunch of other services until they find one that works.

2FA is nice, but use a 2FA app like Google Authenticator if you can. Email/text 2FA is great until they hack your email and do a SIM swap with your cell provider. Ask me how I know :)
 

musthave

😂
Supporting Vendor
GOLD Star
Joined
Sep 4, 2013
Messages
5,058
Location
St. Pete, Florida
Visit site
So who's to blame ... the Russians? Chinese? Ourselves (gasp!) ?

Based on the IP's, none of those ;)

Most hacks these days are from Lichtenstein :rolleyes:

IP addresses mean nothing these days, with a cheap VPN product you can appear to be from nearly anywhere in the world all while sitting in your PJ's in the back of a cruiser in the middle of nowhere wheeling during the day and hacking at night.

Changed my password, easy enough. Good housekeeping.
 

Users who are viewing this thread

Top Bottom