+- Python Forum (https://python-forum.io)
+-- Forum: Forum & Off Topic (https://python-forum.io/forum-23.html)
+--- Forum: Board (https://python-forum.io/forum-26.html)
+--- Thread: forum hacked (/thread-984.html)
Pages:
1
2
RE: forum hacked - metulburr - Nov-25-2016
Quote:Wow! Bookmarked buy/sell guns ? [Image: biggrin.png]oh yeah, that is due to facebook's recent anti gun sell/buying rules in groups. Now everyone just sells a gun via "i want to discuss this gun".
nevermind the torrents
RE: forum hacked - wavic - Nov-26-2016
I was unable to open the forum. It opens 'change password' all the time. So I did it finally. I am asking for removing the 30 characters restrictions for the pass length.
RE: forum hacked - metulburr - Nov-26-2016
Quote:I am asking for removing the 30 characters restrictions for the pass lengththere is no length restriction that long
RE: forum hacked - Kebap - Nov-26-2016
(Nov-26-2016, 07:46 PM)wavic Wrote: I was unable to open the forum. It opens 'change password' all the time. So I did it finally.
Indeed we chose to force all users to update their passwords. This is because the hackers crackers may have a copy of your old passwords. You should also change all other places where you may use the same passwords (better never use the same password in multiple places)
(Nov-26-2016, 07:46 PM)wavic Wrote: the 30 characters restrictions for the pass length.
metulburr, there is this message:
Quote:Please correct the following errors before continuing:
- The password you entered is of invalid length. Please enter a password between 6 and 30 characters.
RE: forum hacked - metulburr - Nov-26-2016
Quote:The password you entered is of invalid length. Please enter a password between 6 and 30 characters.oh i thought you guys meant it was requiring at least 30 characters.
RE: forum hacked - wavic - Nov-27-2016
(Nov-26-2016, 09:56 PM)Kebap Wrote: Indeed we chose to force all users to update their passwords. This is because the hackers crackers may have a copy of your old passwords. You should also change all other places where you may use the same passwords (better never use the same password in multiple places)Are you saying that the passwords were kept in plain text but not as hashes?
RE: forum hacked - Skaperen - Nov-27-2016
(Nov-24-2016, 11:34 PM)wavic Wrote:(Nov-24-2016, 12:00 PM)metulburr Wrote: http://imgur.com/a/ZtbOn
and mybb admin login was inaccessible as well as server access.
Wow! Bookmarked buy/sell guns ?
they may get our bits, but not our guns
(Nov-26-2016, 11:26 PM)metulburr Wrote:Quote:The password you entered is of invalid length. Please enter a password between 6 and 30 characters.oh i thought you guys meant it was requiring at least 30 characters.
the first one i tried was len(pw) == 54. i tried again with pw[:30].
RE: forum hacked - Kebap - Nov-27-2016
(Nov-27-2016, 05:17 AM)wavic Wrote:(Nov-26-2016, 09:56 PM)Kebap Wrote: Indeed we chose to force all users to update their passwords. This is because the hackers crackers may have a copy of your old passwords. You should also change all other places where you may use the same passwords (better never use the same password in multiple places)Are you saying that the passwords were kept in plain text but not as hashes?
No, this is just extra safety measure
RE: forum hacked - verstapp - Dec-13-2016
*salted* hashes!
...and when requesting a password change it is so much better if you put all your conditions up front, eg
''please enter your new password. it must have
<condition1>, eg minimum length,
<condition2>, eg max[why?] length,
<condition3>, eg must-be-used characters,
<condition4>, eg disallowed characters[why?]
etc,
etc,''
rather than have the user find out by trial-and-error [and many ''invalid pwd''s] what the parameters of a valid pwd are.
RE: forum hacked - Skaperen - Dec-14-2016
pick a maximum password length of 255 and people might speculate it runs on MS Windows. i once told people that the maximum password length on a site was 65535. someone said he tested it and called me a liar. ok so i did lie. i'll say 4294967295 next time.