Attention - Password and Security Update - VeggieBoards
Forum Jump: 
 61Likes
Reply
 
Thread Tools
#1 Old 06-14-2016, 09:35 AM
Administrator
 
VSadmin's Avatar
 
Join Date: May 2014
Posts: 481
Attention - Password and Security Update

Hey all,

Over the next few days we will be implementing some changes to our forum password strength and password expiration policies. To make sure you continue having the best experience possible on the community, we regularly monitor the site and the Internet to keep everyone's account information safe. We've recently become aware of a potential risk to some accounts coming from outside of this community. Just to be safe, we are implementing the following changes to improve security even further:

1) We are asking everyone to change their passwords (and will force a one time reset). Along with every user on the forum, new passwords will need to be more complex, and can't be simple words (sorry, you can't have "fluffy" as your password anymore!). Please use a password unique to this community. Reusing passwords can expose your account indirectly when other websites (Twitter, Linkedin, Badoo, etc) are compromised; and

2) Your passwords will expire on a 365 day basis. When you login on the 366th day, you will have to change it.

We'll also be sending out an email to users to let them know about the changes, in upcoming weeks.

Thanks all,

Helena

Community Management
Thalassa4 likes this.
VSadmin is offline  
Sponsored Links
Advertisement
 
#2 Old 06-14-2016, 09:55 AM
Veggie Regular
 
TailFin's Avatar
 
Join Date: Nov 2011
Location: East Coast, USA
Posts: 498
Will those that had their information exposed be notified?
TailFin is offline  
#3 Old 06-14-2016, 10:49 AM
Veggie Regular
 
odizzido's Avatar
 
Join Date: Nov 2013
Posts: 727
Jesus. I have so many passwords now because of all the different password requirements there are around. Honestly, I don't give a **** if people know my login info for this site because the info I use here isn't the same for anything important.

Think about adding in password requirement info to the login page. I seriously have six passwords I use for sites like this and I never know which one to try because I never know what the original requirements were.
_elle_ and kyr656 like this.
odizzido is offline  
Sponsored Links
Advertisement
 
#4 Old 06-14-2016, 01:34 PM
The Corpulent Vegan
 
Aliakai's Avatar
 
Join Date: Mar 2014
Location: Seattle
Posts: 514
I get the needing to change our passwords now thing, there are a lot of websites getting hacked, but having to change it every year? Shouldn't that be a choice? It just sounds like extra hassle on a community that's already struggling to keep longtime members.

It's better to burn out than fade away! - Def Leppard


To view links or images in signatures your post count must be 10 or greater. You currently have 0 posts.
Aliakai is offline  
#5 Old 06-14-2016, 01:41 PM
Veggie Regular
 
odizzido's Avatar
 
Join Date: Nov 2013
Posts: 727
uhg. I didn't even read that part aliakai.
odizzido is offline  
#6 Old 06-14-2016, 06:58 PM
Not such a Beginner ;)
 
LedBoots's Avatar
 
Join Date: Jul 2011
Posts: 8,396
@VSadmin could we have some details about the security breach please?

Also, you might want to pin this thread.
LedBoots is offline  
#7 Old 06-14-2016, 09:25 PM
Veggie Regular
 
jessandreia's Avatar
 
Join Date: Nov 2013
Location: ON, Canada
Posts: 1,616
Quote:
Originally Posted by Aliakai View Post
I get the needing to change our passwords now thing, there are a lot of websites getting hacked, but having to change it every year? Shouldn't that be a choice? It just sounds like extra hassle on a community that's already struggling to keep longtime members.
Agreed on that last sentence. Honestly, my first thought when I read all those rules for a password was "Guess I won't be posting anymore". I like having passwords that I can easily memorize, and my creativity to think of passwords isn't good at all.

"We have enslaved the rest of the animal creation, and have treated our distant cousins in fur and feathers so badly that beyond doubt, if they were able to formulate a religion, they would depict the Devil in human form." - William Ralphe Inge

jessandreia is offline  
#8 Old 06-15-2016, 11:09 AM
Veggie Regular
 
runnerveggie's Avatar
 
Join Date: Jul 2010
Posts: 1,862
If you are concerned about a security issue, there might be a better way to inform your membership than making a post that people might not see in a timely manner (for example, many people may not read VB every day). This post actually isn't that easy to find on VB, even if you do check the forums regularly.
TailFin likes this.
runnerveggie is offline  
#9 Old 06-15-2016, 11:15 AM
Administrator
 
CricketVS's Avatar
 
Join Date: Apr 2015
Location: Texas
Posts: 563
Quote:
Originally Posted by runnerveggie View Post
If you are concerned about a security issue, there might be a better way to inform your membership than making a post that people might not see in a timely manner (for example, many people may not read VB every day). This post actually isn't that easy to find on VB, even if you do check the forums regularly.
I believe Helena mentioned that an email will also be sent out.
CricketVS is offline  
#10 Old 06-15-2016, 07:08 PM
Not such a Beginner ;)
 
LedBoots's Avatar
 
Join Date: Jul 2011
Posts: 8,396
What information was exposed?
TailFin likes this.
LedBoots is offline  
#11 Old 06-16-2016, 09:23 AM
Administrator
 
VSadmin's Avatar
 
Join Date: May 2014
Posts: 481
Personally, I'm unsure if this site specifically was compromised or not, but if it was all that could be exposed are usernames, emails, and encrypted password files. Not enough to do any harm, unless you have a simple password for you account. With that basic info, simple passwords can be easily broken. Adding the extra layer of complexity to a password removes that threat.

Kevin
VSadmin is offline  
#12 Old 06-16-2016, 10:08 AM
Veggie Regular
 
TailFin's Avatar
 
Join Date: Nov 2011
Location: East Coast, USA
Posts: 498
The company now requires users to have stronger passwords.

What is the company doing to increase their security against future breaches?
LedBoots likes this.
TailFin is offline  
#13 Old 06-16-2016, 07:22 PM
Veggie Regular
 
Naturebound's Avatar
 
Join Date: Apr 2013
Location: Minnesota
Posts: 4,609
I just want to mention that I had a heck of a time resetting my password. I got the notification that my password no longer worked and I needed to reset it. So I followed the instructions and was told I would get an email. I waited all last night and this morning and still no email, not even in my spam box. So I tried the process again and still no email. I contacted the administrator as suggested in the instructions if one does not get an email. No response, nothing. I finally tried the whole process again tonight and this time I received an email. There is nothing more disconcerting than being locked out of a forum you devoted three years of your life to, even at times as a moderator. I was beginning to think I would have to leave VB behind and move on. I hope no one else has as much trouble as I have resetting their password.
Purp and LedBoots like this.

In the end, only kindness matters. - Jewel



To view links or images in signatures your post count must be 10 or greater. You currently have 0 posts.
Naturebound is offline  
#14 Old 06-17-2016, 01:57 AM
Not such a Beginner ;)
 
LedBoots's Avatar
 
Join Date: Jul 2011
Posts: 8,396
Don't you mods want to pin this thread? It is easy to miss.
LedBoots is offline  
#15 Old 06-17-2016, 05:00 AM
Lifelong vegetarian
 
@rno's Avatar
 
Join Date: Mar 2009
Posts: 2,617
After the message that I had to change my password, I was angry. It took too much time before the email with the new password came. I was thinking not to visit Veggieboards again.

But I am addicted, so I tried again. And ..... here I am again. You don't get rid of me so easy. ;-)
Purp, LedBoots and Naturebound like this.

My usual answer: I have never heard a convincing reason to eat meat.
@rno is offline  
#16 Old 06-17-2016, 06:36 AM
Veggie Regular
 
TailFin's Avatar
 
Join Date: Nov 2011
Location: East Coast, USA
Posts: 498
Quote:
Originally Posted by LedBoots View Post
Don't you mods want to pin this thread? It is easy to miss.
No, they want to file it away and try to forget.

My question was not meant to be rhetorical, and I doubt I'll get an answer.
LedBoots likes this.
TailFin is offline  
#17 Old 06-17-2016, 08:38 AM
Administrator
 
VSadmin's Avatar
 
Join Date: May 2014
Posts: 481
There are going to be a few behind the scenes changes put in place to prevent breaches. Sites will be kept more compartmentalized then they were before so any breach will be contained. Enhanced encryption

We are implementing many behind the scene changes. Hosting changes have already been done to isolate communities from one another and prevent any future compromise, and we’re working on enhanced encryption that will reduce the viability of a "dictionary attack" on passwords.

Someone stickyed this before I got here already.

Kevin
TailFin likes this.
VSadmin is offline  
#18 Old 06-17-2016, 09:34 AM
Veggie Regular
 
TailFin's Avatar
 
Join Date: Nov 2011
Location: East Coast, USA
Posts: 498
Quote:
Originally Posted by VSadmin View Post
There are going to be a few behind the scenes changes put in place to prevent breaches. Sites will be kept more compartmentalized then they were before so any breach will be contained. Enhanced encryption

We are implementing many behind the scene changes. Hosting changes have already been done to isolate communities from one another and prevent any future compromise, and we’re working on enhanced encryption that will reduce the viability of a "dictionary attack" on passwords.

Someone stickyed this before I got here already.

Kevin
Thank you for the reply; appreciate the explanation!
TailFin is offline  
#19 Old 06-21-2016, 10:55 AM
Not such a Beginner ;)
 
LedBoots's Avatar
 
Join Date: Jul 2011
Posts: 8,396
Anyone else notice the sharp decrease in traffic and posting here since this debacle?
Joan Kennedy likes this.
LedBoots is offline  
#20 Old 06-21-2016, 11:31 AM
Veggie Regular
 
TailFin's Avatar
 
Join Date: Nov 2011
Location: East Coast, USA
Posts: 498
Quote:
Originally Posted by LedBoots View Post
Anyone else notice the sharp decrease in traffic and posting here since this debacle?
Yes.

When this happened, I actually debated whether or not I wanted to keep posting here. I wonder if others have done the same.
Joan Kennedy and LedBoots like this.
TailFin is offline  
#21 Old 06-21-2016, 04:52 PM
Veggie Regular
 
Join Date: Apr 2012
Posts: 4,325
Quote:
Originally Posted by LedBoots View Post
Anyone else notice the sharp decrease in traffic and posting here since this debacle?
Not surprised. Just had a few days frustration trying to log in. Maybe others are having this same experience?

leedsveg is offline  
#22 Old 06-21-2016, 05:00 PM
Not such a Beginner ;)
 
LedBoots's Avatar
 
Join Date: Jul 2011
Posts: 8,396
Quote:
Originally Posted by leedsveg View Post
Not surprised. Just had a few days frustration trying to log in. Maybe others are having this same experience?

I didn't even know what email address I used to sign up here years ago. I am certain this is the case with others.

Glad you're back though, Leedsveg!
Joan Kennedy and leedsveg like this.
LedBoots is offline  
#23 Old 06-21-2016, 06:51 PM
Veggie Regular
 
Joan Kennedy's Avatar
 
Join Date: Mar 2010
Location: Lovettsville, VA and Portland, OR
Posts: 1,982
I had trouble too. And I had to watch a Progressive Insurance commercial twice during the process, and type in its company name once and its e-mail address once, in the box where you prove you're a person and not a bot.
LedBoots and TailFin like this.
Joan Kennedy is offline  
#24 Old 06-21-2016, 06:55 PM
Veggie Regular
 
Naturebound's Avatar
 
Join Date: Apr 2013
Location: Minnesota
Posts: 4,609
Quote:
Originally Posted by Joan Kennedy View Post
I had trouble too. And I had to watch a Progressive Insurance commercial twice during the process, and type in its company name once and its e-mail address once, in the box where you prove you're a person and not a bot.
I had to do that too! Commercialism at it's finest lol.
LedBoots and leedsveg like this.

In the end, only kindness matters. - Jewel



To view links or images in signatures your post count must be 10 or greater. You currently have 0 posts.
Naturebound is offline  
#25 Old 06-22-2016, 03:41 AM
Veggie Regular
 
Join Date: Apr 2012
Posts: 4,325
It took me maybe 15 tries on the CAPTCHA (anti-bot) input before I got it to work. I even tried the audio version but the voices articulating the alphabetical letters were so fast and strangulated, I had no chance of registering them.

Good to be back with old friends.
Joan Kennedy, LedBoots and David3 like this.
leedsveg is offline  
#26 Old 06-22-2016, 03:45 AM
Not such a Beginner ;)
 
LedBoots's Avatar
 
Join Date: Jul 2011
Posts: 8,396
Quote:
Originally Posted by leedsveg View Post
It took me maybe 15 tries on the CAPTCHA (anti-bot) input before I got it to work. I even tried the audio version but the voices articulating the alphabetical letters were so fast and strangulated, I had no chance of registering them.

Good to be back with old friends.
It seems a bit like 'forced' advertising
Joan Kennedy, TailFin and David3 like this.
LedBoots is offline  
#27 Old 06-22-2016, 08:55 AM
Administrator
 
VSadmin's Avatar
 
Join Date: May 2014
Posts: 481
Hey there,

I appreciate all your patience and understanding about this issue.

If members are unable to remember their emails, or have an old email attached to their current account and do not receive the email, please send them to the Contact uUs page on the site. We are hoping the notice at the top of the page will lead members to the contact us page, but is not please direct them there.

Thank you for your assistance team,

Richard.
VSadmin is offline  
#28 Old 06-25-2016, 12:17 PM
Vegan since 1991
 
David3's Avatar
 
Join Date: Jan 2015
Posts: 3,646
Security & Data Breach (merged)

The Security and Data Breach link is interesting. I didn't realize that the owner of VeggieBoards, Vertical Scope, had such a wide variety of other forums, including 10 different hunting and fishing forums: http://www.verticalscope.com/outdoor/ . Whatever sells advertising, I guess!

.

_________

Specific recommendations for a healthy diet include: eating more fruit, vegetables, legumes, nuts and grains; cutting down on salt, sugar and fats. It is also advisable to choose unsaturated fats, instead of saturated fats and towards the elimination of trans-fatty acids."
- United Nations' World Health Organization
http://www.who.int/topics/diet/en/

Last edited by David3; 06-25-2016 at 12:40 PM.
David3 is offline  
#29 Old 06-25-2016, 12:34 PM
Vegan since 1991
 
David3's Avatar
 
Join Date: Jan 2015
Posts: 3,646
Vertical Scope's rating by the Better Business Bureau is a disappointing B-minus : http://www.bbb.org/kitchener/busines...nto-on-1176776 .

Maybe we can provide Vertical Scope with concrete advice to improve their business rating.

_________

Specific recommendations for a healthy diet include: eating more fruit, vegetables, legumes, nuts and grains; cutting down on salt, sugar and fats. It is also advisable to choose unsaturated fats, instead of saturated fats and towards the elimination of trans-fatty acids."
- United Nations' World Health Organization
http://www.who.int/topics/diet/en/

Last edited by David3; 06-25-2016 at 12:39 PM.
David3 is offline  
#30 Old 06-25-2016, 12:37 PM
Veggie Regular
 
Join Date: May 2013
Posts: 1,282
Quote:
Originally Posted by David3 View Post
The Security and Data Breach link is interesting. I didn't realize that the owner of VeggieBoards, Vertical Scope, had such a wide variety of other forums, including 10 different hunting and fishing forums: http://www.verticalscope.com/outdoor/ . Whatever sells advertising, I guess!

.
I realized that Michael had sold the site to a non-veg*n organization. I didn't realize how heavily invested it was in making money from hunting and fishing. Ah, Michael, not very veg*n of you.

I don't think that I want to continue to add to their profits.
Beautiful Joe is offline  
Reply

Quick Reply
Message:
Options

Register Now

In order to be able to post messages on the VeggieBoards forums, you must first register.
Please enter your desired user name, your email address and other required details in the form below.
User Name:
If you do not want to register, fill this field only and the name will be used as user name for your post.
Password
Please enter a password for your user account. Note that passwords are case-sensitive.
Password:
Confirm Password:
Email Address
Please enter a valid email address for yourself.
Email Address:

Log-in




Forum Jump: 

Posting Rules  
You may post new threads
You may post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off