PASSWORD Security

Discuss technical problems and features here
Bluepaint
Blue Belt
Posts: 973
Joined: Fri Jul 03, 2015 7:41 pm
x 675

Re: PASSWORD Security

Postby Bluepaint » Mon Jul 24, 2017 6:12 pm

MorkTheFiddle wrote:Thanks to the admin for the heads-up and his diligence. My user name is not one a hacker could pick out of a hat (given the obscurity of the source and given the fact that I misspelled the name), and I use the name in very few other places. One of the other places is HTLAL, which when last I logged on did not have https security. Is there a way, I wonder, to get oneself purged from the user list of HTLAL?


The admin on HTLAL never replies to us so I highly doubt it.
1 x

User avatar
Iversen
Black Belt - 1st Dan
Posts: 1740
Joined: Sun Jul 19, 2015 7:36 pm
Location: Denmark
Languages: Monolingual travels in Danish, English, German, Dutch, Swedish, French, Portuguese, Spanish, Catalan, Italian, Romanian,
Ahem, not yet: Esperanto, Norwegian, Afrikaans, Platt, Scots, Russian, Serbian, Bulgarian, Albanian, Greek, Latin, Indonesian ...
Language Log: viewtopic.php?f=15&t=1027
x 3530

Re: PASSWORD Security

Postby Iversen » Mon Jul 24, 2017 7:07 pm

Those of us who are moderators in both places can block your HTLAL account, but then you can't use the search facilites or the list over the latest messages (though that list has become somewhat of joke lately). Besides your name would still figure on the user list, and we can't remove it from there.
1 x

mcthulhu
Orange Belt
Posts: 174
Joined: Sun Feb 26, 2017 4:01 pm
Languages: English (native); strong reading skills - Russian, Spanish, French, Italian, German, Serbo-Croatian, Macedonian, Bulgarian, Slovene, Farsi; fair reading skills - Polish, Czech, Dutch, Esperanto, Portuguese; beginner/rusty - Swedish, Norwegian, Danish
x 461

Re: PASSWORD Security

Postby mcthulhu » Mon Jul 24, 2017 9:14 pm

I had changed my password yesterday per rdearman's suggestion, and logged in again to test it with no problems. I just had another problem with logging in today, however, and I had to answer the CAPTCHA.
1 x

User avatar
Xenops
Blue Belt
Posts: 839
Joined: Mon Nov 30, 2015 10:33 pm
Location: Boston
Languages: English (N), French (A2), Japanese (rusty A2)
Language Log: https://forum.language-learners.org/vie ... =15&t=7472
x 1446
Contact:

Re: PASSWORD Security

Postby Xenops » Mon Jul 24, 2017 9:39 pm

After some confusion and with CAPTCHA, I know have a new password and I can log in. Mods, you may disregard my email. :) Thank you for your work.
0 x

Morgana
Green Belt
Posts: 269
Joined: Tue Jun 06, 2017 6:02 pm
Languages: EN (N), SV (?!?), IS (total beg)
Language Log: viewtopic.php?f=15&t=7745
x 426

Re:

Postby Morgana » Mon Jul 24, 2017 10:22 pm

Last edited by Morgana on Mon Nov 27, 2017 12:00 am, edited 2 times in total.
1 x

MorkTheFiddle
Blue Belt
Posts: 556
Joined: Sat Jul 18, 2015 8:59 pm
Location: usa
Languages: English (N). Relearning German. Read (only) French and Spanish.
Language Log: viewtopic.php?f=15&t=5680&p=70021#p70021
x 848

Re: PASSWORD Security

Postby MorkTheFiddle » Mon Jul 24, 2017 11:27 pm

Iversen wrote:Those of us who are moderators in both places can block your HTLAL account, but then you can't use the search facilites or the list over the latest messages (though that list has become somewhat of joke lately). Besides your name would still figure on the user list, and we can't remove it from there.
If the user list still shows the name, there is no point in blocking my account. So don't bother. If I am not mistaken, searching can still be done through Google (website:how-to-learn-any-language.com etc.). Thanks to both you and Rhian for your replies.
1 x
Ah ! Le bon billet qu'a La Châtre !

User avatar
Hank
Green Belt
Posts: 298
Joined: Wed Dec 16, 2015 12:35 pm
Location: Missouri, USA
Languages: English (N), Spanish (intermediate), Welsh (studying)
Language Log: viewtopic.php?f=15&t=1833
x 472

Re: PASSWORD Security

Postby Hank » Mon Jul 31, 2017 2:25 am

Old news maybe, but this just happened to me. I changed my password. It really stinks because my password was easy to remember, but not very safe. :(
0 x
Future travel plans:
January 2019: We booked a cruise to Mexico, Honduras, and Belize
2020: Wales and Ireland

Tillumadoguenirurm
Orange Belt
Posts: 193
Joined: Fri May 06, 2016 3:07 pm
Languages: English
x 228

Re: PASSWORD Security

Postby Tillumadoguenirurm » Mon Jul 31, 2017 7:49 am

Hank wrote:Old news maybe, but this just happened to me. I changed my password. It really stinks because my password was easy to remember, but not very safe. :(


And I got the captcha again today, but I've only tried to logg in once.
0 x

Cainntear
Brown Belt
Posts: 1106
Joined: Thu Jul 30, 2015 11:04 am
Location: Scotland
Languages: English(N)
Advanced: French,Spanish, Scottish Gaelic
Intermediate: Italian, Catalan, Corsican
Basic: Welsh
Dabbling: Polish, Russian etc
x 2519
Contact:

Re: PASSWORD Security

Postby Cainntear » Mon Jul 31, 2017 11:10 am

Presumably this is them attempting to use the data from the recent hack...?

It's happened to me several times recently, and the most recent was five minutes ago. I logged in with my password yesterday too, so it looks like the hackers attempted overnight.

As for password security settings, four unrelated words from four unrelated languages make for a surprisingly secure password, and you can even add in a few extra characters to mix things up.
4 x
A year of Tatoeba recordings: 40 / 365 One donated recording every day in 2017.

User avatar
Iversen
Black Belt - 1st Dan
Posts: 1740
Joined: Sun Jul 19, 2015 7:36 pm
Location: Denmark
Languages: Monolingual travels in Danish, English, German, Dutch, Swedish, French, Portuguese, Spanish, Catalan, Italian, Romanian,
Ahem, not yet: Esperanto, Norwegian, Afrikaans, Platt, Scots, Russian, Serbian, Bulgarian, Albanian, Greek, Latin, Indonesian ...
Language Log: viewtopic.php?f=15&t=1027
x 3530

Re: PASSWORD Security

Postby Iversen » Mon Jul 31, 2017 12:25 pm

It is necessary to have good strong passwords, but actually there is no reason to believe that they have been guessed so far (and therefore no reason to change a good strong password). The point is at the fake login attempts fizzle out when the limit is reached, and to go beyond this point you have to supply the correct password AND solve a riddle - in other words the riddle isn't used unless you also have supply a correct password. When the rightful account owner has passed this double test and got access to the forum the counter is of course reset and the hacker can then attempt a new series of guesses - but with a good password you would need an astronomical number of rounds before finding the right one purely by guessing. Maybe the goal of the attacker right now simply is to irritate us.
3 x


Return to “Technical Support and Feature Requests”

Who is online

Users browsing this forum: No registered users and 1 guest