BC Sport Bikes Forum banner

21 - 40 of 57 Posts

·
Registered
Joined
·
165 Posts

·
Administrator
Joined
·
316 Posts
Discussion Starter #23
hey all,

A good piece of advice, to help in remembering the more complex password, is to do a phrase instead of just randomly adding in the extra requirements.

Example: BoiledCabbageis#1!

That will stick in your in your mind better. :)

~Shane
 

·
Registered
Joined
·
601 Posts
Funny story. I worked at a place with a 90 day password reset policy. I left the place with a password of Password#13 after a little more than three years. No one figured out my previous 12 passwords, so that strategy is validated and secure. I am glad I left that place.

Does this new policy have anything to do with - http://jalopnik.com/45-million-accounts-hacked-at-some-of-the-biggest-car-f-1782030203 ?
There has been numerous large breaches lately on almost a daily basis.. anyone who happens to cycle passwords between diff sites or uses the same password on another site or multiples is at high risk. i know it sounds stupid but people actually do this..
 

·
Beer League Racer/Asshole
Joined
·
5,206 Posts
so if we change our password now, are we going to have to change it again on the forced reset?

To those resistant to this change, you should learn to accept this. It's going to happen more and more. Heck, I even change my bank and credit card pins every 6 months, especially after major shopping holidays.
 

·
Administrator
Joined
·
316 Posts
Discussion Starter #27
Funny story. I worked at a place with a 90 day password reset policy. I left the place with a password of Password#13 after a little more than three years. No one figured out my previous 12 passwords, so that strategy is validated and secure. I am glad I left that place.

Does this new policy have anything to do with - http://jalopnik.com/45-million-accounts-hacked-at-some-of-the-biggest-car-f-1782030203 ?
The article fails to mention that the breach was for a third party plugin. This breach is on countless sites across the internet and not just limited to ours.

Their system was compromised and they grabbed user data for us and thousands of others. We cleared our part of the breach and went this route to further security. This is also in place as many members on the internet use the same or similar passwords across all things they use.

These tech blogs don't ever get the full story, there just have hearsay and run with and embellish it.

We cannot go into detail at the moment as it is being dealt with on a legal level.

so if we change our password now, are we going to have to change it again on the forced reset?

To those resistant to this change, you should learn to accept this. It's going to happen more and more. Heck, I even change my bank and credit card pins every 6 months, especially after major shopping holidays.
I like to rotate my personal ones every few months. Mind you I don't have any money in the bank to steal :(

It is a good policy to have, as I have known many people who use 1 password for all things. Their eyes get opened pretty quickly after a breach of their information.

- JB
 

·
Registered
Joined
·
4,432 Posts
Soooo, how long had you known this site was compromised and your member's information stolen before you decided to let us know about it? :eek
 

·
Chronic
Joined
·
4,472 Posts

·
Posing with conviction
Joined
·
5,387 Posts
For what friggin reason???? I've had the same password and handle on all the forums I go on and I don't want to change that. You have absolutely no reason to do this than you want to so leave it alone!!

Apply this and you've lost me as a user!!
Another retirement announcement disguised as an indignant rant.
 

·
Registered
Joined
·
601 Posts
For what friggin reason???? I've had the same password and handle on all the forums I go on and I don't want to change that. You have absolutely no reason to do this than you want to so leave it alone!!

Apply this and you've lost me as a user!!
This is joke, right?
 

·
Registered
Joined
·
976 Posts
Another retirement announcement disguised as an indignant rant.
It wasn't a retirement rant but rather this is just a forum I go to every now and then, if I have to constantly change and update passwords and request emails as they've discontinued my password rather than use the ones I've had on all these forums forever, its just not worth the hassle. Let's keep this in perspective its just a local friggin forum!!
 

·
Wanderer of the Wastes
Joined
·
6,809 Posts
It wasn't a retirement rant but rather this is just a forum I go to every now and then, if I have to constantly change and update passwords and request emails as they've discontinued my password rather than use the ones I've had on all these forums forever, its just not worth the hassle. Let's keep this in perspective its just a local friggin forum!!
this is the digital equiv to an anti-vaxxer attitude.

do some research: look into it; see the reasoning behind the trend towards forced passwd updates -- not just on this site, but all across the net -- and change your damn password. (if you're manually 'remembering it yourself' -- you're doing it wrong, grandpa)


alternative: throw your hands up and put all faith in EVERYONE ELSE to handle your shit for you, ... aka roll the dice and get rekt
 

·
Registered
Joined
·
2,733 Posts
this is the digital equiv to an anti-vaxxer attitude.
Not really, I can understand. If you don't have much invested in the forum, you go there and have to take a few extra steps to log in, and say just forget it. I've done that on some places I just can't be bothered with. *
 

·
Beer League Racer/Asshole
Joined
·
5,206 Posts
this is the digital equiv to an anti-vaxxer attitude.
Likely the most brilliant reply I've read on this forum in years! Seriously.
 

·
Administrator
Joined
·
316 Posts
Discussion Starter #38
To those that mentioned the breach, that is currently under legal investigation with law enforcement, it has been since the moment we became aware of the risk, which is roughly the same time we posted the announcement. Once we are permitted to discuss more we will.

Kyle
 

·
Registered
Joined
·
3,410 Posts
Just got automated emails from 2 other message boards that my passwords have been changed. Not only that, but they now changed that min length of password needs to be 10 chars.
 

·
Registered
Joined
·
165 Posts
You guys are not reacting with your heads. Ten character passwords with upper case, lower case, numbers and symbols does not increase security. It pushes the vulnerability into the browser.

Hire some people who understand user online security. This is not state of the art.
 
21 - 40 of 57 Posts
Top