Philooo Posted May 1 Share Posted May 1 @Joel R - set up Word Filters for keywords DONE - Prepare and warn your moderator team. They can mark users as Spam DONE - Change your registration and security challenges (especially hcaptcha to the highest setting) DONE - Drink lots of alcohol 🥃 ALWAYS @Marc Stridgen - switching to email login ALMOST DONE (dual login enabled for some weeks before enabling email login, time to communicate with customers) Thank you very much to everybody Link to comment Share on other sites More sharing options...
Stuart Silvester Posted May 1 Share Posted May 1 On 4/22/2024 at 7:21 AM, Svetozar Angelov said: Could you tell me how to log in to the forum? We have released a patch to address this issue. Please go to AdminCP > System > Support and apply the patch from the first/top left box. If you do not see an option to install the patch, you already have the latest release. SeNioR-, Jim M and Svetozar Angelov 2 1 Link to comment Share on other sites More sharing options...
marklcfc Posted May 1 Share Posted May 1 13 hours ago, Marc Stridgen said: @Philooo - Its worth noting here that switching to email login is advised, and has been for quite some time in your admin CP. If you are using display name, then half the login details are essentially already known. Still waiting on the benefit here given its the email address / password combo in these data breaches Link to comment Share on other sites More sharing options...
Gary Posted May 2 Share Posted May 2 Updated with the latest patch and encountered no problems whatsoever, thanks @Stuart Silvester. 😎 SeNioR- 1 Link to comment Share on other sites More sharing options...
Marc Stridgen Posted May 2 Share Posted May 2 9 hours ago, marklcfc said: Still waiting on the benefit here given its the email address / password combo in these data breaches Are you 100% sure of that? There are no lists anywhere where someone has used the same username? It is very very likely there are username, email, password combinations out there. SeNioR- 1 Link to comment Share on other sites More sharing options...
marklcfc Posted May 2 Share Posted May 2 2 hours ago, Marc Stridgen said: Are you 100% sure of that? There are no lists anywhere where someone has used the same username? It is very very likely there are username, email, password combinations out there. Just remember when it happened to me in the 123RF breach in 2020 it was the same email / password combo that was being used in many places Link to comment Share on other sites More sharing options...
Jim M Posted May 2 Share Posted May 2 9 hours ago, marklcfc said: Just remember when it happened to me in the 123RF breach in 2020 it was the same email / password combo that was being used in many places Keep in mind, that is one instance out of many, many, many, many other breaches. Kind of like stating, all car accidents are the same 🙂 . Each breach is different than the next depending on the website and data the attacker obtains. More often than not username is stored and obtained, if it is available. Link to comment Share on other sites More sharing options...
Svetozar Angelov Posted May 4 Share Posted May 4 On 5/1/2024 at 7:22 PM, Stuart Silvester said: We have released a patch to address this issue. Please go to AdminCP > System > Support and apply the patch from the first/top left box. If you do not see an option to install the patch, you already have the latest release. Thanks! I installed the patch. Link to comment Share on other sites More sharing options...
Recommended Posts