PASSWORD Security

Discuss technical problems and features here
Bluepaint
Blue Belt
Posts: 813
Joined: Fri Jul 03, 2015 7:41 pm
x 583

Re: PASSWORD Security

Postby Bluepaint » Mon Jul 24, 2017 6:12 pm

MorkTheFiddle wrote:Thanks to the admin for the heads-up and his diligence. My user name is not one a hacker could pick out of a hat (given the obscurity of the source and given the fact that I misspelled the name), and I use the name in very few other places. One of the other places is HTLAL, which when last I logged on did not have https security. Is there a way, I wonder, to get oneself purged from the user list of HTLAL?


The admin on HTLAL never replies to us so I highly doubt it.
1 x

User avatar
Iversen
Brown Belt
Posts: 1440
Joined: Sun Jul 19, 2015 7:36 pm
Location: Denmark
Languages: Monolingual travels in Danish, English, German, Dutch, Swedish, French, Portuguese, Spanish, Catalan, Italian, Romanian,
Ahem, not yet: Esperanto, Norwegian, Afrikaans, Platt, Scots, Russian, Serbian, Bulgarian, Albanian, Greek, Latin, Indonesian ...
Language Log: viewtopic.php?f=15&t=1027
x 2791

Re: PASSWORD Security

Postby Iversen » Mon Jul 24, 2017 7:07 pm

Those of us who are moderators in both places can block your HTLAL account, but then you can't use the search facilites or the list over the latest messages (though that list has become somewhat of joke lately). Besides your name would still figure on the user list, and we can't remove it from there.
1 x

mcthulhu
Orange Belt
Posts: 139
Joined: Sun Feb 26, 2017 4:01 pm
Languages: English (native); strong reading skills - Russian, Spanish, French, Italian, German, Serbo-Croatian, Macedonian, Bulgarian, Slovene, Farsi; fair reading skills - Polish, Czech, Dutch, Esperanto, Portuguese; beginner/rusty - Swedish, Norwegian, Danish
x 356

Re: PASSWORD Security

Postby mcthulhu » Mon Jul 24, 2017 9:14 pm

I had changed my password yesterday per rdearman's suggestion, and logged in again to test it with no problems. I just had another problem with logging in today, however, and I had to answer the CAPTCHA.
1 x

User avatar
Xenops
Blue Belt
Posts: 597
Joined: Mon Nov 30, 2015 10:33 pm
Location: Boston
Languages: English (N), French (A2), Japanese (rusty A2)
Language Log: viewtopic.php?p=48718#p48718
x 939
Contact:

Re: PASSWORD Security

Postby Xenops » Mon Jul 24, 2017 9:39 pm

After some confusion and with CAPTCHA, I know have a new password and I can log in. Mods, you may disregard my email. :) Thank you for your work.
0 x
: 32 / 113 Assimil New French with Ease
: 7 / 52 French in Action


Check out my comic at: http://rosamondgrey.smackjeeves.com/

Morgana
Orange Belt
Posts: 108
Joined: Tue Jun 06, 2017 6:02 pm
Languages: English (N)
x 117

Re:

Postby Morgana » Mon Jul 24, 2017 10:22 pm

Last edited by Morgana on Mon Nov 27, 2017 12:00 am, edited 2 times in total.
1 x

MorkTheFiddle
Blue Belt
Posts: 532
Joined: Sat Jul 18, 2015 8:59 pm
Location: usa
Languages: English (N). Relearning German. Read (only) French and Spanish.
Language Log: viewtopic.php?f=15&t=5680&p=70021#p70021
x 761

Re: PASSWORD Security

Postby MorkTheFiddle » Mon Jul 24, 2017 11:27 pm

Iversen wrote:Those of us who are moderators in both places can block your HTLAL account, but then you can't use the search facilites or the list over the latest messages (though that list has become somewhat of joke lately). Besides your name would still figure on the user list, and we can't remove it from there.
If the user list still shows the name, there is no point in blocking my account. So don't bother. If I am not mistaken, searching can still be done through Google (website:how-to-learn-any-language.com etc.). Thanks to both you and Rhian for your replies.
1 x
Ah ! Le bon billet qu'a La Châtre !

User avatar
Hank
Green Belt
Posts: 260
Joined: Wed Dec 16, 2015 12:35 pm
Location: Missouri, USA
Languages: English (N), Spanish (intermediate), Welsh (studying)
Language Log: viewtopic.php?f=15&t=1833
x 375

Re: PASSWORD Security

Postby Hank » Mon Jul 31, 2017 2:25 am

Old news maybe, but this just happened to me. I changed my password. It really stinks because my password was easy to remember, but not very safe. :(
0 x
Correcciones son bienvenidas.

Tillumadoguenirurm
Orange Belt
Posts: 187
Joined: Fri May 06, 2016 3:07 pm
Languages: English
x 210

Re: PASSWORD Security

Postby Tillumadoguenirurm » Mon Jul 31, 2017 7:49 am

Hank wrote:Old news maybe, but this just happened to me. I changed my password. It really stinks because my password was easy to remember, but not very safe. :(


And I got the captcha again today, but I've only tried to logg in once.
0 x

Cainntear
Blue Belt
Posts: 865
Joined: Thu Jul 30, 2015 11:04 am
Location: Scotland
Languages: English(N)
Advanced: French,Spanish, Scottish Gaelic
Intermediate: Italian, Catalan, Corsican
Basic: Welsh
Dabbling: Polish, Russian etc
x 1774
Contact:

Re: PASSWORD Security

Postby Cainntear » Mon Jul 31, 2017 11:10 am

Presumably this is them attempting to use the data from the recent hack...?

It's happened to me several times recently, and the most recent was five minutes ago. I logged in with my password yesterday too, so it looks like the hackers attempted overnight.

As for password security settings, four unrelated words from four unrelated languages make for a surprisingly secure password, and you can even add in a few extra characters to mix things up.
4 x
A year of Tatoeba recordings: 40 / 365 One donated recording every day in 2017.

User avatar
Iversen
Brown Belt
Posts: 1440
Joined: Sun Jul 19, 2015 7:36 pm
Location: Denmark
Languages: Monolingual travels in Danish, English, German, Dutch, Swedish, French, Portuguese, Spanish, Catalan, Italian, Romanian,
Ahem, not yet: Esperanto, Norwegian, Afrikaans, Platt, Scots, Russian, Serbian, Bulgarian, Albanian, Greek, Latin, Indonesian ...
Language Log: viewtopic.php?f=15&t=1027
x 2791

Re: PASSWORD Security

Postby Iversen » Mon Jul 31, 2017 12:25 pm

It is necessary to have good strong passwords, but actually there is no reason to believe that they have been guessed so far (and therefore no reason to change a good strong password). The point is at the fake login attempts fizzle out when the limit is reached, and to go beyond this point you have to supply the correct password AND solve a riddle - in other words the riddle isn't used unless you also have supply a correct password. When the rightful account owner has passed this double test and got access to the forum the counter is of course reset and the hacker can then attempt a new series of guesses - but with a good password you would need an astronomical number of rounds before finding the right one purely by guessing. Maybe the goal of the attacker right now simply is to irritate us.
3 x


Return to “Technical Support and Feature Requests”

Who is online

Users browsing this forum: No registered users and 1 guest