Announcement

Collapse
No announcement yet.

[pw change] Who do you think you are, really!

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • #46
    Wow, great rant!

    Comment


    • #47
      The tags on this thread are brilliant, btw.

      Comment


      • #48
        just added my tag

        "spits dummy out"

        Comment


        • #49
          I believe this to be an unacceptable change, for numerous reasons:

          1. We can't define our own passwords. This is a huge issue, since if anyone experiences a breach of security and has their password stolen, we have to wait for support to verify our request and change it.

          2. There was no warning. Although luckily I have access to my email when I discovered the change, I easily could have been stuck without it for a long period of time.

          3. It was sent over EMAIL. This would be less of an issue if it was only temporary, but it's not. Not only is email one of the least secure methods of communication on the internet, it's also unreliable. Messages get lost, bounced, and misrouted routinely. It's not beyond reason that if someone wanted to get ahold of these new passwords, they can.

          Comment


          • #50
            1. We can't define our own passwords. This is a huge issue, since if anyone experiences a breach of security and has their password stolen, we have to wait for support to verify our request and change it.

            I'd love to see a hacker break into your account, rotate all the passwords, and then leave you scrambling and proving to Jelsoft that you are the legitimate owner in a long and lengthy process to get back into your members area account.
            ManagerJosh, Owner of 4 XenForo Licenses, 1 vBulletin Legacy License, 1 Internet Brands Suite License
            Director, WorldSims.org | Gaming Hosting Administrator, SimGames.net, Urban Online Entertainment

            Comment


            • #51
              I've cleaned out the tags, please be nice or receive an infraction. Don't abuse the forums. If we can't behave in this thread it will be closed. Note that in every action you do on our site the forum rules do apply!

              Comment


              • #52
                Originally posted by Selrion View Post
                I'm sorry, it will never happen again. Here is the translation: "thread to close, author to ban..." Russian Internet slang...
                Thanks for the translation

                Comment


                • #53
                  Originally posted by Floris View Post
                  I've cleaned out the tags, please be nice or receive an infraction. Don't abuse the forums. If we can't behave in this thread it will be closed. Note that in every action you do on our site the forum rules do apply!
                  So you agree on the 'hilarious', 'overreaction' and 'whining' tags? If yes, then the others should have been left out too!
                  You're spending millions of dollars on a website?!

                  Comment


                  • #54
                    I don't feel like having to explain myself, sorry. Allowing certain tags doesn't mean I have to agree to them or not. I am sure you understand.

                    One argument:
                    From the huge list of nonsense tags these few were there from the start and expressed an opinion related to the thread. Unlike 'booo hooo cry baby boy' or equal to those. Which lowers it to attacking someone personally.

                    There's no need to go overkill in tags "for the fun of it". The customer has posted feedback with arguments and there have been people who agree to it or not, with their arguments. That's what we have no problem with. Going below that isn't suitable.

                    Comment


                    • #55
                      Originally posted by Cool Matty View Post
                      3. It was sent over EMAIL. This would be less of an issue if it was only temporary, but it's not. Not only is email one of the least secure methods of communication on the internet, it's also unreliable. Messages get lost, bounced, and misrouted routinely. It's not beyond reason that if someone wanted to get ahold of these new passwords, they can.
                      This is grasping at straws isn't it?

                      How did your hosting provider send you FTP information when you signed up? The login to your control panel? What other technology is there to send this information? Also the email did not contain your customer ID or other identifying information so anyone using the new password would have to brute force that information.
                      Translations provided by Google.

                      Wayne Luke
                      The Rabid Badger - a vBulletin Cloud customization and demonstration site.
                      vBulletin 5 Documentation - Updated every Friday. Report issues here.
                      vBulletin 5 API - Full / Mobile
                      I am not currently available for vB Messenger Chats.

                      Comment


                      • #56
                        Originally posted by Wayne Luke View Post
                        This is grasping at straws isn't it?

                        How did your hosting provider send you FTP information when you signed up? The login to your control panel? What other technology is there to send this information? Also the email did not contain your customer ID or other identifying information so anyone using the new password would have to brute force that information.
                        Or they can just hit "email customer number" and intercept that email.

                        I have my own webserver, which I rent from a datacenter. Their login information for the initial SSH login was provided over an HTTPS website, not over email. With HTTPS, the connection is encrypted the entire route, not just at the end (as TLS/SSL does with email). Oh, and let's not forget that most all said hosts provide user-changable passwords.

                        Also, I do not subscribe to the idea that "well, everyone else does it" makes a choice alright. Not only is it not true, but it's a poor excuse, especially from a business who's entire income relies on accurate licensing.

                        Comment


                        • #57
                          I didnt mind them changing my password. even tho i just found out today.. until i read this read and many others.. I would rather be safe than sorry.. there are so many hackers out there.. them changing our password every so often will help accounts from getting hacked into..

                          Comment


                          • #58
                            Why was no announcement made first that this was about to happen though, along with a reason posted why it was happening. Rather than just springing it on us out the blue? For all as I know, my Hotmail might have sent that to the "Junk Inbox" without me having a clue that was on it's way to me with important new information!

                            Also, why do we not have the option to change the Password to another I can remember.
                            Last edited by MRGTB; Wed 13th Feb '08, 10:18am.

                            Comment


                            • #59
                              If you can remember it, you can guess it. If you can guess it. You can brute force it easier.

                              Comment


                              • #60
                                Originally posted by Floris View Post
                                If you can remember it, you can guess it. If you can guess it. You can brute force it easier.


                                Floris I agree with You (and with Jelsoft of course) on most of the things and actions...but this last statement...just isn't seem to be true for me

                                My passwords are generated in my own logic and I can guarantee that it's not easier brute force them compared to a random generated ones.

                                Comment

                                widgetinstance 262 (Related Topics) skipped due to lack of content & hide_module_if_empty option.
                                Working...
                                X