Watch Freeks banner

1 - 13 of 13 Posts

·
Administrator
Joined
·
1,224 Posts
Discussion Starter #1
Hello all,

Over the next few days we will be implementing some changes to our forum password strength and password expiration policies. To make sure you continue having the best experience possible on the community, we regularly monitor the site and the Internet to keep everyone's account information safe. We've recently become aware of a potential risk to some accounts coming from outside of this community. Just to be safe, we are implementing the following changes to improve security even further:

1) We are asking everyone to change their passwords (and will force a one time reset). Along with every user on the forum, new passwords will need to be more complex, and can't be simple words (sorry, you can't have "fluffy" as your password anymore!). Please use a password unique to this community. Reusing passwords can expose your account indirectly when other websites (Twitter, Linkedin, Badoo, etc) are compromised; and

2) Your passwords will expire on a 365 day basis. When you login on the 366th day, you will have to change it.

We'll also be sending out an email to users to let them know about the changes, in upcoming weeks.

Thanks all,

Helena

Community Management
 

·
Administrator
Joined
·
1,224 Posts
Discussion Starter #2
Attention - Password and Security Update

Hello all,

Over the next few days we will be implementing some changes to our forum password strength and password expiration policies. To make sure you continue having the best experience possible on the community, we regularly monitor the site and the Internet to keep everyone's account information safe. We've recently become aware of a potential risk to some accounts coming from outside of this community. Just to be safe, we are implementing the following changes to improve security even further:

1) We are asking everyone to change their passwords (and will force a one time reset). Along with every user on the forum, new passwords will need to be more complex, and can't be simple words (sorry, you can't have "fluffy" as your password anymore!). Please use a password unique to this community. Reusing passwords can expose your account indirectly when other websites (Twitter, Linkedin, Badoo, etc) are compromised; and

2) Your passwords will expire on a 365 day basis. When you login on the 366th day, you will have to change it.

We'll also be sending out an email to users to let them know about the changes, in upcoming weeks.

Thanks all,

Helena

Community Management
 

·
Super Moderator
Joined
·
7,444 Posts
I'd like to know how to reset/change my password??
Got to "USER CP", then look on the left sidebar under "SETTINGS AND OPTIONS" you should see "Edit Email and Password". Click that link and it will walk you through it.
 

·
Administrator
Joined
·
11,415 Posts
The key to this whole thing is clicking the highlighted link:





If you just try to use the new password on the forum, it may not work (it didn't for me). You can copy and paste the new password through that link and reset to whatever you like (as long as it includes the required characters).
 

·
Registered
Joined
·
5,351 Posts
Done it a couple of days ago. Thank you for being vigilant. There's been a string of accounts thefts lately. I was hit as well, to make a long story short, I have a new credit card.
 

·
Super Moderator
Joined
·
7,444 Posts
To be fair, good cyber vigilance dictates not clicking links found in emails.



The key to this whole thing is clicking the highlighted link:





If you just try to use the new password on the forum, it may not work (it didn't for me). You can copy and paste the new password through that link and reset to whatever you like (as long as it includes the required characters).
 

·
Registered
Joined
·
5,351 Posts
To be fair, good cyber vigilance dictates not clicking links found in emails.
Agreed. There's a warning underneath the link but most people view emails, don't read them. That's where the trouble starts.
 

·
Super Moderator
Joined
·
7,444 Posts
Agreed. There's a warning underneath the link but most people view emails, don't read them. That's where the trouble starts.
My work email has all hyperlinks deactivated at the server, if you want to follow one you need to copy and paste it rather than just arbitrarily click on it. There was a huge incident a little while back that took our network down for weeks because of phishing and malware.
 

·
Registered
Joined
·
464 Posts
So where is this support forum I received an email about? This hacking is unacceptable and to tell those affected to monitor their stuff is BS. Vertical scope should be providing credit monitoring for every member compromised on each forum that was compromised.

It strikes me as being not only careless with the information entrusted to them but taking members at their forums for granted. There are ways to ensure that care is taken to protect members and I know we do it where I call home at a financial cost but worth it. You cannot trust your hosting service to protect your sites, that falls on the site owners.
 

·
Registered
Joined
·
677 Posts
So where is this support forum I received an email about? This hacking is unacceptable and to tell those affected to monitor their stuff is BS. Vertical scope should be providing credit monitoring for every member compromised on each forum that was compromised.

It strikes me as being not only careless with the information entrusted to them but taking members at their forums for granted. There are ways to ensure that care is taken to protect members and I know we do it where I call home at a financial cost but worth it. You cannot trust your hosting service to protect your sites, that falls on the site owners.
What were you keeping on the site? Nuclear launch codes?

Personal diligence plays a role here as well. If you're using the same username and password on a public forum as you do at your bank... well... don't do that.
 

·
Super Moderator
Joined
·
7,444 Posts
First off, there is a huge banner on the main page that leads to here:
http://www.verticalscope.com/about-us/notice-of-data-breach.html

You are in the support forum right now.

The potential information compromised is only:
Community member usernames, email addresses, hashed passwords, community userIDS, community website, and the IP address the username originally registered with.
Why would credit monitoring even be a requirement (unless your username or password happened to be your soc. sec. #)?

As far as being careless with our information, ANY information out on the internet, no matter how well encrypted, is always at risk from bad actors. From what I know, Vertical Scope had done nothing wrong in this case, and there are plenty of sites you probably have visited that have been compromised at some point that still have gone noticed, or have not been announced to members.

Had this site been small and independently run, do you think the owners/administrators have ever found out or that you would have been notified? Doubtful.

So, what was the cost to you other than being required to reset your password to something likely more secure than what you had been using?


So where is this support forum I received an email about? This hacking is unacceptable and to tell those affected to monitor their stuff is BS. Vertical scope should be providing credit monitoring for every member compromised on each forum that was compromised.

It strikes me as being not only careless with the information entrusted to them but taking members at their forums for granted. There are ways to ensure that care is taken to protect members and I know we do it where I call home at a financial cost but worth it. You cannot trust your hosting service to protect your sites, that falls on the site owners.
 

·
Registered
Joined
·
0 Posts
Cant sign in I think my account is hacked!

Hi I cant sign in and when I put in my email for forgot my password is say its not recognized please help!!

Thanks Sryukon
 
1 - 13 of 13 Posts
Top