Motorhome Facts Forum banner

Attention - Password and Security Update

25K views 222 replies 46 participants last post by  Penquin 
#1 ·
Hey all,

Over the next few days we will be implementing some changes to our forum password strength and password expiration policies. To make sure you continue having the best experience possible on the community, we regularly monitor the site and the Internet to keep everyone's account information safe. We've recently become aware of a potential risk to some accounts coming from outside of this community. Just to be safe, we are implementing the following changes to improve security even further:

1) We are asking everyone to change their passwords (and will force a one time reset). Along with every user on the forum, new passwords will need to be more complex, and can't be simple words (sorry, you can't have "fluffy" as your password anymore!). Please use a password unique to this community. Reusing passwords can expose your account indirectly when other websites (Twitter, Linkedin, Badoo, etc) are compromised; and

2) Your passwords will expire on a 365 day basis. When you login on the 366th day, you will have to change it.

We'll also be sending out an email to users to let them know about the changes, in upcoming weeks.

Thanks all,

Helena

Community Management
 
See less See more
#41 ·
Apparently according to this.................
https://haveibeenpwned.com/

I have had my Linkdin and Adobe passwords compromised.

Ray.
 
#43 ·
Heya all,

Ping me with you have any questions, we have all hands on deck right now network and company wide so we might be slow to respond.

You will get and email or notice when we que up to update your password.

Note this is a third party vendor that got hacked not us, they exploited the plugin to gain access to the info, legal is on it.

Jeff M
 
#56 ·
But you still locked me out today and it's taken EIGHT HOURS to get a new password and back in again. There being nothing wrong with the original password.!!
All this time getting more and more frustrated with the site and wondering why I bother.

Ray.
Peed orff.
 
  • Like
Reactions: Penquin
#46 ·
Well according to the pwnd website linked earlier my main email address and username has not been compromised. My hotmail account was in 2014 and that was when Avast got hacked apparently. The thing is though with security getting ever tighter banks etc (important stuff) usually has more than one level. Its never just a password these days. There is usually memorable information and random numbers sometimes generated by a key fob thingy or card to enter. Even Vodafone send me a text now with a code every time I login to check my bills.

I wont lose too much sleep over it. Your generally covered if your account gets emptied anyway.
 
#48 ·
Admin

I have just read the following thread

http://forums.motorhomefacts.com/17-website-help/186298-urgent-upcoming-password-changes.html

I cannot respond on there.

It says I will get a new temporary password and I can change it.

It also says that this does not affect the access to the Home Page. Which Home page? And if I can get to the Home Page via my old password, surely then I can get to anywhere else from there, so why do I need a new password.

Are you guys going crazy or am I? or are you driving us crazy? This is a multi-choice question.

Geoff
 
#52 ·
I had my debit card stopped and a new one issued by my bank recently. They wouldn't tell me much but I believe that Amazon had a problem and it's security couldn't be guaranteed.



This text from an email I received recently may help explain what's going on with VS.


Dashlane
Recently, several popular services have suffered security breaches, resulting in millions of email and password combinations becoming publicly available online. You may have already received a Security Breach Alert in your Dashlane app, notifying you to change your password for these breached websites and anywhere else you’ve used the compromised passwords.

With such large-scale breaches becoming commonplace, your email may end up on unwanted lists. We would like to remind you of a few critical precautions to take to protect yourself online:
1. For your privacy and protection, Dashlane and our Customer Support team will never ask you for your Master Password in any communication. If you are asked for your Master Password, do not provide it. Instead, contact us through our Help Center on our website.
2. Never use the same password for your Master Password and any other service. Make your Master Password unique to Dashlane, and write it down until you remember it, if you’re afraid you’ll forget.
3. Always verify links in emails before opening them. Make sure they take you to known websites before entering any personal information on a site.
Dashlane is a great tool to help protect yourself from breaches and phishing scams. We’ve shared other tips for protecting yourself online on our blog. Please read and share them with others, so they can protect themselves, too.
 
#53 ·
Remembering passwords seems to be a problem with us all.
I have 5 pages of them in my filofax........God help me if I lose it.
Reminds me of a story about two elderly ladies having a chat over afternoon tea.

'Mavis I am having a problem remembering my password when I go online'
'Well Rita I have a foolproof way of remembering mine'
'What is that Mavis?'
' I just type in the first word that comes into my head Rita'
' How does that work Mavis'
' It comes back '' Password Incorrect'' and then I have it.'

I know .....should be under 'Jokes and Trivia'
Ian
 
#54 ·
Changed my password on Tuesday. This morning neither the new one or the old one would work.

Oh well, try the lost password button. Guess what, that didn't work either. Tried half a dozen times and each time it said it had sent an email containing a temporary password. It hadn't.

Oh well, not to worry I'll just use a proxy, open a duplicate account and post about my difficulty. Nope, the registration page didn't work. All I got was a blank page.

Finally I send an email by the contact us page and an admin sent me a temp password.

While I was locked out I did a bit of looking round and found this: http://thenextweb.com/insider/2016/...len-verticalscope-forums-massive-data-breach/

I can't say it comes as a surprise. Pity VS didn't think to tell us. Maybe they thought we wouldn't find out.

Though the VS staff are very nice people and I'm sure each of them are very good at what they do as individuals, the whole as it's currently constituted doesn't amount to a company capable of doing anything close to a professional job of running this forum, and by all accounts many others under the VS banner are just as bad.

Poor show VS. Your lucky that your customers are loyal to their individual forums because I'd guess that not many of us would still be here giving business to VS otherwise. BS might be a better abbreviation for us to use from now on.
 
#57 ·
Had exactly the same experience. Couldn't log on with usual password, couldn't post in any other way, requested new password, got email for "Forgotten" password, clicked on link, then got told would be sent email with new password. No email arrived.

Then complained via "Contact us", finally got sent new password, wouldn't work until third attempt, heaven knows if it will work tomorrow! Password sent is totally unmemorable unless we write it down! Would prefer to change it to something we can remember, but don't dare try!

What a run around! And, to make matters worse, missed seeing the great Bale goal for Wales!
 
#55 ·
Vs, throw the old Sinclair zx80 out, it ain't up to the job :frown2:


tony
 
#60 ·
I guess that with 45 million passwords apparently having been compromised BS have their hands full at the minute and may do for quite a while to come.

I do think it's a pity that the story had to be stumbled across rather than BS putting their hands up. I can't remember the waffle they gave us for the security update but I'm pretty sure it didn't read, "Sorry we cocked up, fixing it now and we need your help and patience please."

I guess BS employ the BP style when it comes to public relations. It didn't do BP any good BS, you should take note of that. In fact there is a long list of companies who've tried deflection and spin only to find that it went very wrong indeed.
 
#61 ·
Logged in this morning OK, went to work and when back tried to log in again but told me I had forgotten my password, clicked the "forgotten password" link.
Message to my mail told me to click on the link, clicked and the webpage sent me a new password, took about 5 mins to arrive, time for a ciggie and a dash of whiskey
Clicked the link to change the password from the new mail, changed the password to one of my liking and now OK.

Simples!
 
#63 ·
Hey all,

Due to the password resets we were performing, several mail providers have throttled our overnight password resets on this community, so there may be a delay in receiving emails. Be sure to check all folders, including spam. If you have not received a password reset as of yet, please request one using the "forgot password" function. If you're still having trouble, use the Contact Us page and the support team will take care of you. Please include your username and registered email address to expedite your request.

As for the report, the article fails to mention that the breach was for a third party plugin. This breach is on countless sites across the internet and not just limited to ours.

Their system was compromised and they grabbed user data for us and thousands of others. We cleared our part of the breach and went this route to further security. This is also in place as many members on the internet use the same or similar passwords across all things they use.

These tech blogs don't ever get the full story, there just have hearsay and run with and embellish it.

We cannot go into detail at the moment as it is being dealt with on a legal level.

Thanks everyone,
Dayle
 
#65 ·
................

As for the report, the article fails to mention that the breach was for a third party plugin. This breach is on countless sites across the internet and not just limited to ours.

Their system was compromised and they grabbed user data for us and thousands of others. We cleared our part of the breach and went this route to further security. This is also in place as many members on the internet use the same or similar passwords across all things they use.

.................

Thanks everyone,
Dayle
I wish I understood what that means. I suspect it's mainly diversion but we'll find out when somebody who does know finally manages to log in.

What a clever boy you are Matchlock, the method you described is exactly the method that would not work earlier as reported by many members. It's obviously been fixed just in time for you to find it simple and patronise us.
 
#66 ·
Yep nothing worked this morning or most of this afternoon.

For those worried about changing your password from the one thats been sent to you I just changed mine straight away no problem.

As I posted on Alans "locked out" thread VS need to be aware that the registrations page is not working so nobody new can sign up. :(
 
#70 ·
Well what a bloody mess, VS say some emails have been throttled back.......
I know who I would love to throttle, and yes I know it's only a motorhome forum but the management of the problem has been really pathetic.

Note, Jean aka JWW and Mygalsal have/are impacted and are as frustrated as all of us. I will contact Jean again and try to help.

Thanks Erneboy and barryd and Fruitcakes for your help.

Terry
 
#76 ·
Hey Jeff, I'm not sure how much training you've had on dealing with customer complaints but I can tell you that it would be best to seem a little contrite and that you certainly shouldn't ever try to use the fact that you have a massive backlog of customer complaints awaiting attention to explain why an individual customer has been kept waiting. That is a really bad idea.

Finally when dealing with a customer who is complaining about having to wait for attention it's really not at all wise to tell him 12 hours later that the remedy is simple in a way the almost suggests he has missed something obvious, especially when everybody knows that the function you are suggesting he now use hasn't been working for most of the day.
 
#77 ·
I concur.

I tried just about everything to get back in and reset passwords, logon differently or as someone else, contact us etc on and off most of the day. None of the stuff worked for whatever reason until later this afternoon.

Short of hacking the system myself there was no way I was getting back in. Maybe I dunno what I am doing perhaps. :shock:
 
#83 ·
I concur.

I tried just about everything to get back in and reset passwords, logon differently or as someone else, contact us etc on and off most of the day. None of the stuff worked for whatever reason until later this afternoon.

Short of hacking the system myself there was no way I was getting back in. Maybe I dunno what I am doing perhaps. :shock:
And if Barry had problems as a very savy knowledgeable but slightly rotund member, just think of the exasperations the rest of us have undergone.
An apology or even a free years membership would not be a bad gesture.

Still peed orff Ray.
 
#82 ·
Jeff

Can you please (or get UK Admin to do it) look at member Caulkheads account please? I think I reported a post he made earlier in one of the threads as the only user name he has been able to login to is his old one from 2007 Basil69. I think the email address associated with his account must be mixed up or something and he has used up his 5 free posts as Basil69 but is unable to get back his caulkhead login which he paid his subs for just recently.

He like many others is having to communicate with fellow members through "another forum".
 
#85 ·
Nil illegitimate Carborundum springs to mind.

I hope most will persevere as I still find many of the 'old' stalwarts invaluable mine of info when needed.

Ray.
 
This is an older thread, you may not receive a response, and could be reviving an old thread. Please consider creating a new thread.
Top