IMPORTANT Strong Password Required READ THIS
- AUbicycles
- Site Admin
- Posts: 15592
- Joined: Tue Aug 23, 2005 2:14 am
- Location: Sydney & Frankfurt
- Contact:
IMPORTANT Strong Password Required READ THIS
Postby AUbicycles » Sat Jan 08, 2011 11:45 am
This problem is a recognised problem on phpbb forums and elsewhere it is being suggested that there are infected computers worldwide that are launching brute force attacks on phpbb forums to attempt to gain access of user accounts.
IMPORTANT: Please make sure your password is not easy to crack
You can change your password in your profile
Here's some tips borrowed from here for your account passwords and what you should choose:
* Avoid single word passwords that use a word found in the dictionary.
These are extremely easy to crack by these automated attempts
* Avoid using common names, phrases or cycling related words.
Because they are easy for people visiting or some unscrupulous friend to guess!
* Do use a number, or even better, a number and a symbol in your password - e.g. bett#69
* Try and alter the cAsE of your PaSswOrd to make it harder to guess - e.g. Dur@c3LL
* Change your password regularly if you share or use multiple computers to sign in
--
Unfortunately there will still be the "maximum login attempts" problem which we can't stop.
Action has been taken to try and minimise the damage of the attacks however as a member - you need to help and if your password is too simple, change your password
I will take action of deactivating member accounts which have not been active for some time and include a post here. Feel free to post reports of the "maximum login attempts" error here: Login Oddity.
If you are using tapatalk and receive the error - use your web browser to login in (entering the captcha) and then from tapatalk you should be able to log in again
- Aushiker
- Posts: 22399
- Joined: Tue Jun 05, 2007 1:55 pm
- Location: Walyalup land
- Contact:
Re: IMPORTANT Strong Password Required READ THIS
Postby Aushiker » Sat Jan 08, 2011 12:35 pm
I would add one more hint ... use a different password for each site/place of login. Not that hard actually and I do it. If someone got my password here it cannot be used anywhere else.
Andrew
Aushiker.com
- AUbicycles
- Site Admin
- Posts: 15592
- Joined: Tue Aug 23, 2005 2:14 am
- Location: Sydney & Frankfurt
- Contact:
Re: IMPORTANT Strong Password Required READ THIS
Postby AUbicycles » Sat Jan 08, 2011 1:06 pm
Have a look at the forum stats on the homepage, 10.000+ members 2 days ago, 8.000 yesterday and 2.600 today.
For the purpose of clarity, please help keep this thread on topic, for comments 'just to chat' and that are not on topic - lets use the login oddity thread. This will help other members get the facts and useful tips (like Aushikers comment).
- ozzymac
- Posts: 688
- Joined: Sat Aug 07, 2010 6:14 pm
Re: IMPORTANT Strong Password Required READ THIS
Postby ozzymac » Sat Jan 08, 2011 8:10 pm
I was reading a tip the other day for making passwords that are a bit more difficult than the normal ones.
There suggestion was when making a password decide on a combination lets say " SNOWPATROL2010"
Now when you go to use it on a site instead of typing snow etc....
You use the key next to the letter you want to use, thus " SNOWPATROL2010" would become " DMPE[SYTPM@)!)" for numbers you can use shift to get extra characters.
It makes it easy to have harder passwords without really having to remember them.
I hope thats right anyway.
cheers
- WarrenH
- Posts: 664
- Joined: Fri May 28, 2010 3:58 am
Re: IMPORTANT Strong Password Required READ THIS
Postby WarrenH » Sun Jan 09, 2011 1:42 pm
I followed Admin's advice to the tee and I still couldn't log-on. I must have tried at least 50x over the past two weeks, to log-on using Firefox. I cleared the cookies, to start again ... but no cigar.
I changed to Google Chrome this morning and logged-on first go. I went back and tried Firefox and failed to log-on again. I'm back here on Chrome.
Warren.
"Paved roads ... another fine example of wasteful government spending." - a bumper sticker.
- daniel.s
- Posts: 107
- Joined: Thu Sep 20, 2007 3:09 pm
- Location: Macquarie Fields, NSW
Re: IMPORTANT Strong Password Required READ THIS
Postby daniel.s » Sun Jan 09, 2011 1:53 pm
I use another variant on this theme for my day to day passwords. Going with the "Snow Patrol 2010" example, the password would end up being "Sno@)!)roL". You just do the following:ozzymac wrote:Hi,
I was reading a tip the other day for making passwords that are a bit more difficult than the normal ones.
There suggestion was when making a password decide on a combination lets say " SNOWPATROL2010"
1. First 3 letters of the first word, uppercase first letter
2. Type the number while holding shift
3. Last 3 letters of the second word, uppercase last letter.
This works well, except for when you go overseas and they keyboard layouts have different characters on the shift keys. The good thing is that it's easy to remember, and you can always use longer numbers or change the words periodically.
Otherwise, use a password manager such as KeePass. I do this, and have unique, long random passwords for every different site.
- CommuRider
- Posts: 5053
- Joined: Sat Sep 25, 2010 6:16 pm
- Location: Sydney
Re: IMPORTANT Strong Password Required READ THIS
Postby CommuRider » Sun Jan 09, 2011 1:55 pm
Using Firefox 3.6.13 no problems logging in for the last 48 hours or so.WarrenH wrote: I changed to Google Chrome this morning and logged-on first go. I went back and tried Firefox and failed to log-on again. I'm back here on Chrome.
- Spiza
- Posts: 1983
- Joined: Sat Jun 28, 2008 8:46 pm
- Location: Castle Hill, NSW
Re: IMPORTANT Strong Password Required READ THIS
Postby Spiza » Sun Jan 09, 2011 8:16 pm
Just an idea... if the attacks continue, your programmer might be able to change/customise the login screen or process to fool the automated attacks.
Take a look at the Westpac login screen https://businessonline.westpac.com.au/e ... in/SrvPage
-
- Posts: 2631
- Joined: Tue Oct 20, 2009 10:36 pm
Re: IMPORTANT Strong Password Required READ THIS
Postby eeksll » Sun Jan 09, 2011 10:34 pm
I personally use a combination of keepass http://keepass.info/ and lastpass.
Keepass for my bank accounts and stuff like that which i want more secure or is not browser type passwords. And stuff which I dont want auto-login (in case someone steals my computer/gets access)
and i use lastpass for most of my browser stuff which I dont mind auto login for.
- jules21
- Posts: 10555
- Joined: Thu Apr 02, 2009 11:14 pm
- Location: deep in the pain cave
Re: IMPORTANT Strong Password Required READ THIS
Postby jules21 » Mon Jan 10, 2011 4:40 pm
-
- Posts: 1437
- Joined: Mon Apr 23, 2007 6:14 pm
- Location: Perth
Re: IMPORTANT Strong Password Required READ THIS
Postby twowheels » Tue Jan 11, 2011 1:37 pm
- rustguard
- Posts: 1415
- Joined: Thu Jul 10, 2008 2:31 am
- Location: Perth, WA
- Contact:
Re: IMPORTANT Strong Password Required READ THIS
Postby rustguard » Tue Jan 11, 2011 3:46 pm
- casual_cyclist
- Posts: 7758
- Joined: Fri Feb 20, 2009 11:41 am
- Location: Kewdale
Re: IMPORTANT Strong Password Required READ THIS
Postby casual_cyclist » Tue Jan 11, 2011 4:27 pm
I do that too.Aushiker wrote:Hi
I would add one more hint ... use a different password for each site/place of login. Not that hard actually and I do it. If someone got my password here it cannot be used anywhere else.
Andrew
- AUbicycles
- Site Admin
- Posts: 15592
- Joined: Tue Aug 23, 2005 2:14 am
- Location: Sydney & Frankfurt
- Contact:
Re: IMPORTANT Strong Password Required READ THIS
Postby AUbicycles » Tue Jan 11, 2011 11:18 pm
The deactivation is an account put on hold and can either be reactivated by the user (via send a reactivation email) or in the case of problems, email me and I will reactivate manually. I would have preferred not to have had to deactivate such a large volume of accounts however have created notes when these members try to log-in so that they easily understand the process and know that it is not their error and reactivation is (usually) easy. The deactivation is now protecting these members from having their accounts compromised.
--
I am working on the sessions - essentially, for users who never log out, there are no problems - however in the last while most users need to log in every day... my current task is to make it as comfortable as possible, at least for most.
- trailgumby
- Posts: 15469
- Joined: Sat Jan 03, 2009 5:30 pm
- Location: Northern Beaches, Sydney
- Contact:
Re: IMPORTANT Strong Password Required READ THIS
Postby trailgumby » Tue Jan 11, 2011 11:22 pm
-
- Posts: 15579
- Joined: Fri Oct 17, 2008 10:04 pm
- Location: Lesmurdie WA
Re: IMPORTANT Strong Password Required READ THIS
Postby Joeblake » Wed Jan 12, 2011 11:40 am
One suggestion for keeping a password list at hand but still reasonably secure is to keep a text file of all your passwords, but saved under a name which is unlikely to be associated with passwords. Using the word processor on your computer, create a macro which will find the file then open it. Keep the name of macro on a piece of paper somewhere as an aid memoir if necessary.
Depending on which wordprocessor you use, it should be possible to put a secure password on the text document itself and either have THAT password on a post-it note or even built into the macro.
Joe
Bertrand Russell
- CommuRider
- Posts: 5053
- Joined: Sat Sep 25, 2010 6:16 pm
- Location: Sydney
Re: IMPORTANT Strong Password Required READ THIS
Postby CommuRider » Wed Jan 12, 2011 11:48 am
I'm just trying to get my head around this...so if I see the Captcha password it's because some people have been trying to access my account on here? Don't they have better things to do?trailgumby wrote:Looks like my account got hit a second time. Had to enter a Captcha password. Fortunately my password is reasonably strong and unlikely to be cracked by a brute force attack.
- AUbicycles
- Site Admin
- Posts: 15592
- Joined: Tue Aug 23, 2005 2:14 am
- Location: Sydney & Frankfurt
- Contact:
Re: IMPORTANT Strong Password Required READ THIS
Postby AUbicycles » Wed Jan 12, 2011 8:21 pm
CommuRider - it is an automated attack sent via infected computers world-wide with the likely aim of breaking into user accounts and then spamming forums.
I have made a change to the Captcha which will make it easier to enter as the hidden letters is really tough. If you have better suggestions for the security questions (so that a human can answer but a bot can't easily do the same) email me.
- CommuRider
- Posts: 5053
- Joined: Sat Sep 25, 2010 6:16 pm
- Location: Sydney
Re: IMPORTANT Strong Password Required READ THIS
Postby CommuRider » Wed Jan 12, 2011 10:47 pm
Can or can't?AUbicycles wrote:If you have better suggestions for the security questions (so that a human can answer but a bot can easily do the same) email me.
Being a bike forum, surely the security questions should be bike oriented? Name a bike maker starting with G, 5 letters etc?
-
- Posts: 15579
- Joined: Fri Oct 17, 2008 10:04 pm
- Location: Lesmurdie WA
Re: IMPORTANT Strong Password Required READ THIS
Postby Joeblake » Thu Jan 13, 2011 11:13 am
Joe
Bertrand Russell
-
- Posts: 690
- Joined: Mon Jan 12, 2009 9:51 am
- Location: Sydney
Re: IMPORTANT Strong Password Required READ THIS
Postby Chanboy » Thu Jan 13, 2011 11:25 am
Security questions are a bit problematic, in that you need to have quite a lot of them - and a dedicated bot programmer would simply go through all the questions and program answers to them.
- CommuRider
- Posts: 5053
- Joined: Sat Sep 25, 2010 6:16 pm
- Location: Sydney
Re: IMPORTANT Strong Password Required READ THIS
Postby CommuRider » Thu Jan 13, 2011 12:24 pm
Now Joe, it's supposed to be an easy, objective response that anyone can answer. If I write "neither" I probably won't be allowed inJoeblake wrote:Which is better? Carbon or Steel?
Joe
-
- Posts: 15579
- Joined: Fri Oct 17, 2008 10:04 pm
- Location: Lesmurdie WA
Re: IMPORTANT Strong Password Required READ THIS
Postby Joeblake » Thu Jan 13, 2011 12:35 pm
Joe
Bertrand Russell
-
- Posts: 5470
- Joined: Mon Mar 12, 2007 2:23 pm
- Location: Yangebup
Re: IMPORTANT Strong Password Required READ THIS
Postby Baalzamon » Thu Jan 13, 2011 7:16 pm
That has happened to me twice. Yesterday morning and after work when I got home had to use it. I've also been logged out a few times. But my password is quite strong and brute force attack would need to be trying over 1 year to crack it lol.trailgumby wrote:Looks like my account got hit a second time. Had to enter a Captcha password. Fortunately my password is reasonably strong and unlikely to be cracked by a brute force attack.
- verbs and nouns
- Posts: 72
- Joined: Fri Jan 14, 2011 10:30 am
Re: IMPORTANT Strong Password Required READ THIS
Postby verbs and nouns » Fri Jan 14, 2011 10:50 am
This sucks.
Any help?
Old username was "Verbs & Nouns".
Return to “Info / announcements”
- General Australian Cycling Topics
- Info / announcements
- Buying a bike / parts
- General Cycling Discussion
- The Bike Shed
- Cycling Health
- Cycling Safety and Advocacy
- Women's Cycling
- Bike & Gear Reviews
- Cycling Trade
- Stolen Bikes
- Bicycle FAQs
- The Market Place
- Member to Member Bike and Gear Sales
- Want to Buy, Group Buy, Swap
- My Bikes or Gear Elsewhere
- Serious Biking
- Audax / Randonneuring
- Retro biking
- Commuting
- MTB
- Recumbents
- Fixed Gear/ Single Speed
- Track
- Electric Bicycles
- Cyclocross and Gravel Grinding
- Dragsters / Lowriders / Cruisers
- Children's Bikes
- Cargo Bikes and Utility Cycling
- Road Racing
- Road Biking
- Training
- Time Trial
- Triathlon
- International and National Tours and Events
- Cycle Touring
- Touring Australia
- Touring Overseas
- Touring Bikes and Equipment
- Australia
- Western Australia
- New South Wales
- Queensland
- South Australia
- Victoria
- ACT
- Tasmania
- Northern Territory
- Country & Regional
Who is online
Users browsing this forum: No registered users
- All times are UTC+10:00
- Top
- Delete cookies
About the Australian Cycling Forums
The Australian Cycling Forums is a welcoming community where you can ask questions and talk about the type of bikes and cycling topics you like.
Bicycles Network Australia
Forum Information
Connect with BNA
This website uses affiliate links to retail platforms including ebay, amazon, proviz and ribble.