Attention - Upcoming Password Changes - Dakota Durango Forum
Dakota-durango.com Forum Help Desk Post here for site related issues, inquiry, help and suggestions.

 
Thread Tools Rate Thread Display Modes
post #1 of 8 Old 06-17-2016, 08:39 PM Thread Starter
Admin
Forum Administrator
 
Admin's Avatar
 
Join Date: Jul 2003
Location: Everywhere
Vehicle: Car
Posts: 468
Mentioned: 0 Post(s)
Tagged: 0 Thread(s)
Quoted: 12 Post(s)
 
Garage
Attention - Upcoming Password Changes

Hello Everyone,

Per the latest announcements we will be resetting everyone’s passwords. Shortly you should be receiving an email directing you how to change your password. It will look like this:

Quote:
Quote:
Subject: Your new password for *site name*
Dear *username*,

Your password has been reset by an administrator. Your new details are as follows:

Username: *username*

Password: *Randomly generated temp password*

To change your password, please visit this page: *link to password reset edit page from USERCP*

If you suspect this email is a scam, you can confirm the legitimacy of this email by manually navigate to the forum URL yourself and use your new password to log in.

All the best,

Site Name


As you can see it will give you a randomly generated temporary password, as well as telling you where you need to go to updated it accordingly.

If you do not receive this email please go to the contact us page and select Other, and type in Security Password Update Issues

We’re sorry for the inconvenience.



The Community Support Team

ForumAdmin
Admin is offline  
Sponsored Links
Advertisement
 
post #2 of 8 Old 06-19-2016, 05:46 PM
mprosco91
Registered User
 
Join Date: Dec 2015
Location: Hamden, CT
Vehicle: 2001 Dodge Durango SLT
Modifications: intake, exhaust
Posts: 83
Mentioned: 0 Post(s)
Tagged: 0 Thread(s)
Quoted: 9 Post(s)
 
When should we receive it by?

Sent from my SM-G920P using Tapatalk
mprosco91 is offline  
post #3 of 8 Old 06-19-2016, 10:09 PM
hskrRT
nstg8tr
 
hskrRT's Avatar
 
Join Date: Jul 2003
Location: Nebraska
Vehicle: 2000 R/T
Modifications: Lots 'O stuff
Posts: 17,420
Mentioned: 2 Post(s)
Tagged: 0 Thread(s)
Quoted: 188 Post(s)
   
Send a message via AIM to hskrRT Send a message via Yahoo to hskrRT
Might have to just stop visiting this forum as well now. No need to reset my password, it works just fine the way it is. I havnt been hacked, I havnt forgot it.

hskrRT is offline  
 
post #4 of 8 Old 06-20-2016, 07:12 AM
TazRango
Jersey Boy


 
TazRango's Avatar
 
Join Date: Dec 2007
Location: Kansas
Vehicle: 2000 Durango SLT+ 4.7
Posts: 9,489
Mentioned: 4 Post(s)
Tagged: 0 Thread(s)
Quoted: 243 Post(s)
   
I absolutely agree. I already laid into them about it because our passwords will expire even more often than yours now and it does nothing to help security. They basically don't care about our opinions. My guess is they got breached and are too chicken to admit it.



Use torrents? Already got two copyright strikes with your ISP? Got a slow upload connection? You need an offshore SEEDBOX! Includes a FREE VPN Endpoint in France, The Netherlands, or Canada (allows you to watch Netflix titles not available in the US!!).

CLICK--> DediSeedbox.com - 1Gbps backbone, up to 1TB storage, unlimited traffic, unlimited concurrent torrents, Secure FTP, VPN, and HTTPS access to files <--CLICK


Quote:
Originally Posted by Big_Texxan View Post
fuck it, Im going to convert those to HID and stick them in my heads, fogs, tails, double heads, and my butt so I make a halo while shitting. It would be like a holy shit, and maybe one around my penis for that illuminating experience a girl has hahahaahahahaah
Quote:
"How many times is Biden gonna say something stupid?" -Barack Obama (2008) ▼▼▼▼
Quote:
"And Neal Smith, an old butt buddy, are you here Neal?" -Joe Biden (2/12/15)
TazRango is offline  
post #5 of 8 Old 06-20-2016, 08:07 PM Thread Starter
Admin
Forum Administrator
 
Admin's Avatar
 
Join Date: Jul 2003
Location: Everywhere
Vehicle: Car
Posts: 468
Mentioned: 0 Post(s)
Tagged: 0 Thread(s)
Quoted: 12 Post(s)
 
Garage
Quote:
Originally Posted by TazRango View Post
I absolutely agree. I already laid into them about it because our passwords will expire even more often than yours now and it does nothing to help security. They basically don't care about our opinions. My guess is they got breached and are too chicken to admit it.
There was a breach, but it wasn't ours. It does affect all vBulletin sites and this is the reason for the password the reset.

And as I already let you know, we can revisit the complexity/expiring passwords for the general members at a later date if it really becomes an issue. For now, the criteria is set as such.

Dayle

ForumAdmin
Admin is offline  
post #6 of 8 Old 06-20-2016, 08:20 PM
TazRango
Jersey Boy


 
TazRango's Avatar
 
Join Date: Dec 2007
Location: Kansas
Vehicle: 2000 Durango SLT+ 4.7
Posts: 9,489
Mentioned: 4 Post(s)
Tagged: 0 Thread(s)
Quoted: 243 Post(s)
   
Quote:
Originally Posted by Admin View Post
There was a breach, but it wasn't ours.
Oh really?

http://www.zdnet.com/article/hacker-...sports-forums/

Quote:
It does affect all vBulletin sites and this is the reason for the password the reset.
Tell the WHOLE truth. It affects "all vBulletin sites" that VerticalScope owns. No other "non-VS" vBulletin forums are forcing resets because they aren't affected. Not only was it YOUR breach due to your lax back-end security, but you sat on it for 4 months and downplayed the scale of it before you did anything about it. Meanwhile anyone naive enough to use the same password on different sites (because complex passwords are too hard to remember) is easy pickings.

Requiring 10+ character passwords composed of mixed case letters, numbers, and special characters -and then expiring them - does absolutely nothing if you are running outdated/unpatched software (some of which - including what this board is running - is several years old with many known vulnerabilities) and "encrypting" passwords with MD5 and a 24 bit salt (which can be reverted to plaintext by your average 10 year old) then storing them on interconnected servers. That's like putting all sorts of deadbolts, chains, bars, and a 4-point Fox lock on your steel-reinforced front door while leaving the glass patio door wide open with its screen door secured with a luggage lock.

Basically you're making things harder on all of your members because you couldn't be bothered to patch your sites and follow basic IT-101 security practices at your end.



Use torrents? Already got two copyright strikes with your ISP? Got a slow upload connection? You need an offshore SEEDBOX! Includes a FREE VPN Endpoint in France, The Netherlands, or Canada (allows you to watch Netflix titles not available in the US!!).

CLICK--> DediSeedbox.com - 1Gbps backbone, up to 1TB storage, unlimited traffic, unlimited concurrent torrents, Secure FTP, VPN, and HTTPS access to files <--CLICK


Quote:
Originally Posted by Big_Texxan View Post
fuck it, Im going to convert those to HID and stick them in my heads, fogs, tails, double heads, and my butt so I make a halo while shitting. It would be like a holy shit, and maybe one around my penis for that illuminating experience a girl has hahahaahahahaah
Quote:
"How many times is Biden gonna say something stupid?" -Barack Obama (2008) ▼▼▼▼
Quote:
"And Neal Smith, an old butt buddy, are you here Neal?" -Joe Biden (2/12/15)

Last edited by TazRango; 06-21-2016 at 06:27 AM.
TazRango is offline  
post #7 of 8 Old 06-21-2016, 11:22 PM Thread Starter
Admin
Forum Administrator
 
Admin's Avatar
 
Join Date: Jul 2003
Location: Everywhere
Vehicle: Car
Posts: 468
Mentioned: 0 Post(s)
Tagged: 0 Thread(s)
Quoted: 12 Post(s)
 
Garage
Hey there,

So it's not accurate.
A 3rd party plugin that we and other networks use had it's developers' compromised. Their DB was breached and data was scraped.
I can't ID the plugin as it's under legal investigation. However I can say that it had access to user data because it functions separately from the vb software. Many plugins do this, chats, news letters, mobile apps etc. This is not an active breach, however as a precaution we did initiate security updates including password changes and new pass requirements.

Here is a Statement directly from our company:
http://www.verticalscope.com/about-u...ty-update.html

Let me know if there is anything I can help clarify.
There is only so much we can share, we will try to answer the best we can.

Thank you for your patience and understanding,

Richard.

ForumAdmin
Admin is offline  
post #8 of 8 Old 06-26-2016, 07:18 PM
Rusty Boltz
Registered User
 
Rusty Boltz's Avatar
 
Join Date: Feb 2013
Location: Fort Worth, TX
Vehicle: '02 Dakota SLT+ Quad Cab
Posts: 168
Mentioned: 0 Post(s)
Tagged: 0 Thread(s)
Quoted: 6 Post(s)
 
So I'm waiting. I got my notification from other forums, and have changed my password there, but I don't want to change it here then have to do it again because it's been reset.

I don't like the overly complicated password requirement. This is an automotive forum, not a banking website.

'02 Dakota
4.7 L
Automatic
Rusty Boltz is offline  
Sponsored Links
Advertisement
 
Reply

Quick Reply
Message:
Options

Register Now



In order to be able to post messages on the Dakota Durango Forum forums, you must first register.
Please enter your desired user name, your email address and other required details in the form below.

User Name:
Password
Please enter a password for your user account. Note that passwords are case-sensitive.

Password:


Confirm Password:
Email Address
Please enter a valid email address for yourself.

Email Address:
OR

Log-in









Human Verification

In order to verify that you are a human and not a spam bot, please enter the answer into the following box below based on the instructions contained in the graphic.



User Tag List

Thread Tools
Show Printable Version Show Printable Version
Email this Page Email this Page
Display Modes Rate This Thread
Linear Mode Linear Mode
Rate This Thread:


Forum Jump

Posting Rules  
You may post new threads
You may post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

 
For the best viewing experience please update your browser to Google Chrome