"Maximum Login Attempts" and your account password

Announcements that are posted here are important, please read them carefully.
Locked
User avatar
Zack
Co-Admin
Co-Admin
Posts: 4153
Joined: 27 Jun 2007, 15:26
Location: Bombay
Contact:

"Maximum Login Attempts" and your account password

Post by Zack » 20 Jan 2011, 17:02

Hello,

It has recently been brought to the attention of the team that there have been a sudden increase of "login verification" codes having to be entered to be able to sign in to the forum.

After some investigation, it appears this is occurring on many high profile/high traffic phpBB forum powered websites, so it is not unique to our forum.

The reason this is happening is that there is a automated script being run on infected computers scanning for phpBB forums, and then attempting to login to them by using brute force dictionary attacks and scanning memberlists for usernames (i.e. trying to guess peoples passwords by running through huge lists to see which work!).

Any accounts that do have unsecure passwords and successfully log in will be noted by the crackers, and probably used to spam the forum later.

We'd highly recommend changing, or even making your password more securer than before to prevent anyone from accessing your account. Click here to change your password in your profile now.

Unfortunately we can't stop the forum from asking for verification codes to sign in, as this is the forum doing its job to try and combat the cracking attempt.

We'd also like to make it clear that no passwords or user data has been exposed by us, and that the only way any personal data could be accessed is if your account has an insecure password.

Here's some tips for your account passwords and what you should choose:

1) Avoid single word passwords that use a word found in the dictionary. These are extremely easy to crack by these automated attempts
2) Avoid using common names, phrases or formula one related words. Because they are easy for people visiting or some unscrupulous friend to guess!
3) Do use a number, or even better, a number and a symbol in your password - e.g. bett#69
4) Try and alter the cAsE of your PaSswOrd to make it harder to guess - e.g. Dur@c3LL
5) Change your password regularly if you share or use multiple computers to sign in


» Click here to change your password in your profile now.

If you have any problems trying to sign in, please feel free to contact me via PM or email support => @ => f1zone.net

Thank you.
Better than a thousand hollow words is one word that brings PEACE -Buddha
There is no point in defining a point... But there is a point in trying -Zack

ImageImage
[Videos]

Donate & support us
-ZACK- IO

Locked