TW200 Forum banner

1 - 20 of 27 Posts

Administrator
Joined
412 Posts
Discussion Starter #1
Hey all,

Over the next few days we will be implementing some changes to our forum password strength and password expiration policies. To make sure you continue having the best experience possible on the community, we regularly monitor the site and the Internet to keep everyone's account information safe. We've recently become aware of a potential risk to some accounts coming from outside of this community. Just to be safe, we are implementing the following changes to improve security even further:

1) We are asking everyone to change their passwords (and will force a one time reset). Along with every user on the forum, new passwords will need to be more complex, and can't be simple words (sorry, you can't have "fluffy" as your password anymore!). Please use a password unique to this community. Reusing passwords can expose your account indirectly when other websites (Twitter, Linkedin, Badoo, etc) are compromised; and

2) Your passwords will expire on a 365 day basis. When you login on the 366th day, you will have to change it.

We'll also be sending out an email to users to let them know about the changes, in upcoming weeks.

Thanks all,
Helena
Community Management
 

Registered
Joined
19,404 Posts
Shall we wait until after security changes have been implemented to change our passwords?
Would hate to change my password to version2 tonight only to be notified that version2 is no longer valid as of tomorrow and I now need password version3.
 

Super Moderator
Joined
17,650 Posts
Shall we wait until after security changes have been implemented to change our passwords?
Would hate to change my password to version2 tonight only to be notified that version2 is no longer valid as of tomorrow and I now need password version3.
You could and probably should to secure yourself a little better; but I think you may have to do it again anyway.
 

Registered
Joined
19,404 Posts
I know I can change password, question was should I change before the security change. If there is an ongoing security breach then please explain how using a new password before security update is implemented solves anything.
 

Registered
Joined
604 Posts
If there is a breach in the security, does that mean our personal info is accessible? Wouldn't changing it now help in this situation?
Whats the worst thing they could get? Email address?
 

Super Moderator
Joined
4,046 Posts

Registered
Joined
4,459 Posts

Registered
Joined
4,459 Posts

Registered
Joined
762 Posts
All these PW resets, and other sites are doing the same thing...means FORGOTTEN passwords.

Which means BIGGER security risks, as admin gets flooded with PW change requests.

Sorry. I have several sets of passwords I use; and the one I use here is for non-monetary, non-secure time-killing communications. Giving me alphabet-soup passwords is IMHO incredibly insecure, since I'll have to write it down and reset it as I lose it.
 

Super Moderator
Joined
4,046 Posts
Did did something go wrong with the wiring in the forum software? There is a notice on top about a security concern with no message, not even a bullet connector ?
image.png


Hey all,

Over the next few days we will be implementing some changes to our forum password strength and password expiration policies. To make sure you continue having the best experience possible on the community, we regularly monitor the site and the Internet to keep everyone's account information safe. We've recently become aware of a potential risk to some accounts coming from outside of this community. Just to be safe, we are implementing the following changes to improve security even further:

1) We are asking everyone to change their passwords (and will force a one time reset). Along with every user on the forum, new passwords will need to be more complex, and can't be simple words (sorry, you can't have "fluffy" as your password anymore!). Please use a password unique to this community. Reusing passwords can expose your account indirectly when other websites (Twitter, Linkedin, Badoo, etc) are compromised; and

2) Your passwords will expire on a 365 day basis. When you login on the 366th day, you will have to change it.

We'll also be sending out an email to users to let them know about the changes, in upcoming weeks.

Thanks all,
Helena
Community Management
 

Super Moderator
Joined
17,650 Posts
IT IS IMPORTANT FOR EVERYONE TO SEE THIS.

If you move your mouse along the sentence and beyond the end, it will say CLICK HERE. Unfortunately it doesn't show up now...

This should be fixed.

Regardless, everyone needs to click on it and do as it instructs.
 
1 - 20 of 27 Posts
Top