Back to Topic Index
Everyone needs to update their passwords now!
By RobbieThe1st on 05/01/2011
Like I said I was going to do a couple of weeks ago, I have updated the password system we use here.
Everyone needs to update their passwords. You -cannot- login again until you reset your password.
Assuming you are still logged in(which you are if you are reading this), you have -one- chance to reset your password with the "change password" setup in your profile - Once your password is successfully changed with that, it can't currently be changed again(Until I apply a minor update to the system).
If you need to change your password again, the "reset password" form works. Same with if you aren't logged in.
Now, like I said before, the standard for passwords has been improved. Passwords need to be:
1. No less than 8 characters(and no more than 32).
2. Must contain at least one character from three of the four groups: Numbers, Lowercase letters, Uppercase letters, and Symbols.
Now, there -may- be glitches in the system. Let me know if things aren't right - I'll do my best to fix them.
Thank you all for your understanding.
-Rob
(P.s. While I won't explain the reasoning behind this yet, there was a -very good- reason I've implemented this change. Something that surprised and scared me when I figured it out).
Everyone needs to update their passwords. You -cannot- login again until you reset your password.
Assuming you are still logged in(which you are if you are reading this), you have -one- chance to reset your password with the "change password" setup in your profile - Once your password is successfully changed with that, it can't currently be changed again(Until I apply a minor update to the system).
If you need to change your password again, the "reset password" form works. Same with if you aren't logged in.
Now, like I said before, the standard for passwords has been improved. Passwords need to be:
1. No less than 8 characters(and no more than 32).
2. Must contain at least one character from three of the four groups: Numbers, Lowercase letters, Uppercase letters, and Symbols.
Now, there -may- be glitches in the system. Let me know if things aren't right - I'll do my best to fix them.
Thank you all for your understanding.
-Rob
(P.s. While I won't explain the reasoning behind this yet, there was a -very good- reason I've implemented this change. Something that surprised and scared me when I figured it out).
By Aragon on 05/01/2011
ok boss! done
By Samurai-JM on 05/01/2011
you scared me, i thought i got hacked
By Zemus3654 on 05/01/2011
done
By Pyroclastic0 on 05/01/2011
done but when I resigned in it let me with lower case for the upper case letters
By Rodney75 on 05/01/2011
I just changed my password.
Logged out.
And then logged in with my old password.... um?
Logged out.
And then logged in with my old password.... um?
By ZurvivorMan on 05/01/2011
Consider it done
By Kyle on 05/01/2011
Changed my password, and now I can't login to the ACP..
By Quikdrawjoe on 05/01/2011
Thought I was banned lolz
By rachellove9 on 05/01/2011
ACP does not work. It keeps going back to my old pass and then saying it is not reckognized. But logging in forums is fine. You must need to do something with council rank.
By Kyle on 05/01/2011
Also, guests can't make forum accounts, especially in a time like now when new accounts are pretty important..
By George on 05/01/2011
Done kekekee.
By Rodney75 on 05/01/2011
| QUOTE: Rodney75 @ January 05, 2011 09:24 am) |
|
I just changed my password. Logged out. And then logged in with my old password.... um? |
I can literally use either password. Just making sure I get noticed, seems kinda serious :s
By KevinTempAccount on 05/01/2011
So like ... I changed my password, and I logged out and in to use the new one, and it wouldn't let me in.
I was able to log into ACP with my new password, but not the forums.
I tried manually changing my password in ACP, but it still would not let me log onto the forums.
Luckily I could register another account, and use ACP to give myself council access on this account.
lolz!
I was able to log into ACP with my new password, but not the forums.
I tried manually changing my password in ACP, but it still would not let me log onto the forums.
Luckily I could register another account, and use ACP to give myself council access on this account.
lolz!
By Mickey on 05/01/2011
This is what happens when you make major changes to the authentication systems on a production board 
By Pazenon on 05/01/2011
| QUOTE: Mickey @ January 05, 2011 10:20 pm) |
|
This is what happens when you make major changes to the authentication systems on a production bored
|
Board*
By Mickey on 05/01/2011
| QUOTE: Pazenon @ January 05, 2011 11:02 pm) | ||
Board*
|
Pfft, I'm tired
By RobbieThe1st on 06/01/2011
| QUOTE: Rodney75 January 05, 2011 01:30 pm | ||
I can literally use either password. Just making sure I get noticed, seems kinda serious :s |
First, log out, click one or two links and see if you are still logged out - You might not be being logged out properly.
If you can still login with two different passwords, PM me them. I'd like to know very much.
| QUOTE |
|
Also, guests can't make forum accounts, especially in a time like now when new accounts are pretty important.. |
Yes, they can. I've tried it myself, and it should work - Though they are held to the same high password standards as the rest of us.
| QUOTE |
|
ACP issues |
Yup. My bad. I forgot to update that part of the forum code. That's been fixed now; let me know if there are any issues.
@Mickey:
Yup. To be honest, this is a surprisingly good result - I'd have expected half the clan screaming at me over one or more issues. A couple of minor bits wrong? Not bad.
By Kaneko86 on 06/01/2011
Sorry...but I tried to do that and it said an error occurred. I tried to make sure that the passwords were identical and it gave me that message. So now what?
By RobbieThe1st on 06/01/2011
| QUOTE: Kaneko86 @ January 06, 2011 01:10 am) |
| Sorry...but I tried to do that and it said an error occurred. I tried to make sure that the passwords were identical and it gave me that message. So now what? |
What was the exact message? Copy-paste it here, please. Oh, and I may need you to PM me the password.
By Kaneko86 on 06/01/2011
| QUOTE: RobbieThe2nd @ January 06, 2011 04:59 am) | ||
What was the exact message? Copy-paste it here, please. Oh, and I may need you to PM me the password. |
Sorry, an error occurred. If you are unsure on how to use a feature, or don't know why you got this error message, try looking through the help files for more information.
The error returned was:
The entered passwords did not match, please go back and try again
I made sure they matched.
By Mickey on 06/01/2011
You don't mind me asking why you went to all the trouble, do you? The only way to get password hashes is from the ACP with a Root account, or an SQL injection (which I believe this board is immune to).
By Kyle on 06/01/2011
| QUOTE: RobbieThe2nd @ January 06, 2011 01:48 am) | ||
Yes, they can. I've tried it myself, and it should work - Though they are held to the same high password standards as the rest of us. |
Ohh. A member didn't know about the 3/4 groups he had to use while making a password. All's better now.
By RobbieThe1st on 07/01/2011
| QUOTE: Mickey @ January 06, 2011 06:06 am) |
| You don't mind me asking why you went to all the trouble, do you? The only way to get password hashes is from the ACP with a Root account, or an SQL injection (which I believe this board is immune to). |
You wouldn't need a root account - All you'd need is read access(over ssh), etc. to the forum config file. Or simply get a PHP script uploaded that could run arbitrary code(i.e. include the forum config file, dump it's contents to the browser).
Thus, Keanu could do it(if he had the technical know-how), or if he accidentally uploads something with a Trojan in it(Literally, half a dozen lines is all you need).
Or another method, which I won't divulge yet.
Back to Topic Index