And nobody else. This is a known problem with the forum's configuration. The team is working on it. There is no security problem behind the fact, that you get this warning and the need to solve the puzzle (aka captcha).Barny wrote:This is the first time I have visited this site for well over a year, so definitely not me trying to login.
All forums user should reset their password
Forum rules
Do not post support questions here. Before you post read the forum rules. Topics in this forum are automatically closed 6 months after creation.
Do not post support questions here. Before you post read the forum rules. Topics in this forum are automatically closed 6 months after creation.
Re: Linux Mint Forum compromised email
Re: All forums user should reset their password
People have been telling you about this breach for ages???? Why so slow to react?
I received a notice too, from when I used mint a few years ago. Thank god I don't use it any more! The corrupt iso's too??? confused?
I am very happily an Arch user now, have been for a while, rock solid. Also very secure.
Bye Mint.
(P.S. If you want to abuse/flame me, your too late, that's why I left mint and the community in the first place.)
I received a notice too, from when I used mint a few years ago. Thank god I don't use it any more! The corrupt iso's too??? confused?
I am very happily an Arch user now, have been for a while, rock solid. Also very secure.
Bye Mint.
(P.S. If you want to abuse/flame me, your too late, that's why I left mint and the community in the first place.)
-
- Level 1
- Posts: 1
- Joined: Fri Sep 19, 2014 2:44 pm
Re: All forums user should reset their password
Ahhh... this explains why I started getting junk email. I never have received any in the email account I use here previously. Interesting. Thank you for notifying us all. Always use the strongest password (maximum amount of characters) possible. Never ever use the same PW on other site/accts. I use a PW generator and keep them on a encrypted Flash Drive. They are then copy/pasted into the PW field when required. I then clear my clipboard w/ Glipper afterwards. I started doing this after finding a keylogger on my Windblows box about 9 mos before the Snowden revelations. The KL I found lead back to a N-Esay ip. Told a few about it and they thought I was claaaazzzzy. Huh :p
Re: Forum Security
From the link in the email you received:
On the servers themselves, the team worked day and night to harden as many aspects as possible. Each website is now running on its very own server. All websites are now behind a strict firewall and the presence of malware is monitored by a security firm. Many restrictions were placed on apache and php to restrict their scope and privileges. All automated backups were reviewed. Https was implemented to prevent man-in-the-middle attacks.
Re: All forums user should reset their password
Bye bye! *smiles and waves*romanybob wrote: Bye Mint.
If your issue is solved, kindly indicate that by editing the first post in the topic, and adding [SOLVED] to the title. Thanks!
Re: All forums user should reset their password
Where do I go to change my password? I cant find where to change it! I checked in user profile and control panel. Can't find it!!! Please help. Thanks
Re: Forum Security
Let me add: those users who have not received Clem's e-mail, yet, can find the exact same words in Clem's post here:
All forums user should reset their password, section "What is being done to prevent this in the future?", last paragraph.
All forums user should reset their password, section "What is being done to prevent this in the future?", last paragraph.
The people of Alderaan have been bravely fighting back the clone warriors sent out by the unscrupulous Sith Lord Palpatine for 792 days now.
Lifeline
Re: All forums user should reset their password
I used ucp.php?mode=sendpassword and I was "back in" inside of 3 minutes.ironforger wrote:Where do I go to change my password? I cant find where to change it! I checked in user profile and control panel. Can't find it!!! Please help. Thanks
Prior to that....at least a dozen captchas w\out success.
Worth a shot? YMMV
Let's hope your contact_email is up-to-date, and you have access to it.
Last edited by Habitual on Tue Mar 01, 2016 9:43 am, edited 1 time in total.
Re: All forums user should reset their password
User control panel => Profile => Edit account settings.ironforger wrote:Where do I go to change my password? I cant find where to change it! I checked in user profile and control panel. Can't find it!!! Please help. Thanks
Direct link: ucp.php?i=ucp_profile&mode=reg_details
Last edited by xenopeek on Tue Mar 01, 2016 9:47 am, edited 1 time in total.
If your issue is solved, kindly indicate that by editing the first post in the topic, and adding [SOLVED] to the title. Thanks!
Re: All forums user should reset their password
Thanks, I got my email no problem and I have reset the password, but I keep being asked to solve a captcha ever since. Is this normal?
It is common sense, but still very good advice, to use unique passwords. I would add that it's even better that they be random-generated by machine, rather than a human brain thinking them up.
It is common sense, but still very good advice, to use unique passwords. I would add that it's even better that they be random-generated by machine, rather than a human brain thinking them up.
In the quoted passage, I feel that the word 'cracker' would fit in better than 'hacker'.clem wrote:
Can the hackers decrypt my password?
No, but they can "find" it by brute-force [...]
How long would it take for the hackers to decrypt my password?
They're hashed and salted, but that only slows them down [...]
Re: Linux Mint Forum compromised email
ucp.php?mode=sendpassword is the 3 minute solution I employed for the obscenely aggressive captcha feature.Cosmo. wrote:And nobody else. This is a known problem with the forum's configuration. The team is working on it. There is no security problem behind the fact, that you get this warning and the need to solve the puzzle (aka captcha).Barny wrote:This is the first time I have visited this site for well over a year, so definitely not me trying to login.
Re: All forums user should reset their password
Currently you'll get that incorrect "too many failed logins" message each time you log in. We're working on solving that.
Re: All forums user should reset their password
If you wish to cancel your account there's no point in asking for it within a topic in the forum. Ask for it directly to an Admin:marke54805 wrote:Time to throw out phpBB! And while you're at it cancel my account.
memberlist.php?mode=contactadmin
The link is at the bottom of this page: Contact Us
And try to be nice about it and without any profanity. Being an Admin is a thankless job. In fact I often wonder what personality peculiarities one possesses to even think about being one.
Please add a [SOLVED] at the end of your original subject header if your question has been answered and solved.
Re: All forums user should reset their password
that is profoundaltair4 wrote:Being an Admin is a thankless job. In fact I often wonder what personality peculiarities one possesses to even think about being one.
thanks for your service
Peter
Mate desktop https://wiki.debian.org/MATE
Debian GNU/Linux operating system: https://www.debian.org/download
Mate desktop https://wiki.debian.org/MATE
Debian GNU/Linux operating system: https://www.debian.org/download
Re: All forums user should reset their password
Hi, Da_Thunderbird.
Of course it is up to you to decide which distribution you trust and which distribution you use.
Yet, the reason that you give for not trusting Linux Mint is a bit far-fetched to put it mildly.
The Linux Mint forum website has been broken into. This suggests that the old website had not been secured properly. This, however, does not have any impact on the security of Linux Mint.
The Linux Mint forum website has been setup from scratch on a different server, using a recent version of phpbb. The login process has been revamped and has been made more secure than it was before.
Sadly for the past few days this revamped login process has lead to a minor annoyance where the first login gets always rejected and a second login is needed that involves solving a captcha. How does this have any impact on the security of Linux Mint?
I fail to see the connection between both. Linux Mint is one thing. The Linux Mint forum is another thing.
Regards,
Karl
Of course it is up to you to decide which distribution you trust and which distribution you use.
Yet, the reason that you give for not trusting Linux Mint is a bit far-fetched to put it mildly.
The Linux Mint forum website has been broken into. This suggests that the old website had not been secured properly. This, however, does not have any impact on the security of Linux Mint.
The Linux Mint forum website has been setup from scratch on a different server, using a recent version of phpbb. The login process has been revamped and has been made more secure than it was before.
Sadly for the past few days this revamped login process has lead to a minor annoyance where the first login gets always rejected and a second login is needed that involves solving a captcha. How does this have any impact on the security of Linux Mint?
I fail to see the connection between both. Linux Mint is one thing. The Linux Mint forum is another thing.
Regards,
Karl
The people of Alderaan have been bravely fighting back the clone warriors sent out by the unscrupulous Sith Lord Palpatine for 792 days now.
Lifeline
Re: All forums user should reset their password
Looks like time to move on. The Mint forums login has become a real pain in the butt. Too bad.
L
L
Re: All forums user should reset their password
Do not permit yourself to be frustrated so easily by such minor annoyances. There are worse problems in life. Consider the captcha a temporary game which will be forgotten soon.
The people of Alderaan have been bravely fighting back the clone warriors sent out by the unscrupulous Sith Lord Palpatine for 792 days now.
Lifeline
Re: All forums user should reset their password
+1 KUDOS to Admin and Mods - everywhere!sdibaja wrote:that is profoundaltair4 wrote:Being an Admin is a thankless job. In fact I often wonder what personality peculiarities one possesses to even think about being one.
thanks for your service
Thank you. <--↑(up there too)↑ see not 'totally' thankless.
Re: All forums user should reset their password
Don't forget to throw away your sony devices. Their web site was hacked too.Da_Thunderbird wrote: I'm with Marke, and so pissed that I used my real email that I removed Mint from computers as it cannot be trusted.
Re: All forums user should reset their password
Reading Comprehension... it is a BIG challenge for some.Da_Thunderbird wrote:xenopeek wrote:Currently you'll get that incorrect "too many failed logins" message each time you log in. We're working on solving that.
I'm with Marke, and so pissed that I used my real email that I removed Mint from computers as it cannot be trusted. Debian or FreeBSD for me for the foreseeable future.
https://www.youtube.com/watch?v=zvfD5rnkTws
Peter
Mate desktop https://wiki.debian.org/MATE
Debian GNU/Linux operating system: https://www.debian.org/download
Mate desktop https://wiki.debian.org/MATE
Debian GNU/Linux operating system: https://www.debian.org/download