Login Problem



Fri
2008-07-23, 04:55 AM
I have a strange problem. After the server change, I can't login. I got the email about hacking attempt, and I changed my password.

It worked, but after a while, I can't login anymore, and I had to change my password once again.

And then, after some while, I can't login again, and I had to change my password once more.

This is my third password change in 2 days. I sent an email to the webmaster because it's really frustrating and I didn't want to change my password once again, but I haven't got any reply, and I asked for another password change just to write this.

Dunno if this password will stay.

Rawhide
2008-07-23, 05:19 AM
I got your email and sent you another password change email. I'm still looking into the problem.

Fri
2008-07-24, 02:55 AM
It's been a day and the password stays. Huh, I guess whatever problem it was is afraid of the fastest gun in the playground.

I'll notify if there's any more problem. Thanks anyway, Rawhide.

Zherog
2008-07-24, 11:51 AM
I got the email about hacking attempt...

Was that only sent to certain people? I've seen it mentioned elsewhere by somebody else, but I never received it.

Rawhide
2008-07-24, 05:37 PM
There was a hacking attempt on the server, including a brute force attack. The hacker's goal seems to have been to collect people's passwords to use them on other sites (such as PayPal). This is the primary reason I pulled the plug on the forums.

Now, to be clear, there is no way to extract passwords from the vBulletin database; they are stored using non-reversible encryption. This means that once they have been encrypted, they cannot be unencrypted by any means; this is known as 'hashing'. In order to compare your entered password with your stored password, it has to hash the password you entered and compare the two hashes. For the technical people, passwords are MD5ed twice and salted.

In order to get passwords from people, they have to get the password before it is encrypted, and this is exactly what they attempted to do. I spotted the attempt, pulled the plug and did a complete server examination to make sure nothing was affected. While we do not believe the hacker was successful in getting any passwords, potentially less than 1% of members could have been affected and as the security and privacy of our members are very important to us, I changed all of those users' passwords to something unusable as a precaution and emailed them explaining what happened (including password reset instructions and a suggestion to change other passwords they use which were the same).

I also recommended that we move to a new server to be absolutely 100% sure that nothing else unnoticeable had happened and Rich is now also paying the hosting company an extra $55 a month for around the clock security monitoring.
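The login check described in the post above (hash what was entered, compare it with the stored hash) and the precautionary "unusable password" reset, as an added example that is not part of the thread and not vBulletin's own code. The composition md5(md5(password) + salt), the 3-character salt, and every function name here are assumptions; the post says only that passwords are MD5ed twice and salted.

```python
import hashlib
import hmac
import secrets
import string

# Assumed salt alphabet and length; the thread does not specify either.
SALT_ALPHABET = string.ascii_letters + string.digits + string.punctuation


def new_salt(length=3):
    """Generate a random per-user salt."""
    return "".join(secrets.choice(SALT_ALPHABET) for _ in range(length))


def _md5_hex(text):
    return hashlib.md5(text.encode("utf-8")).hexdigest()


def hash_password(password, salt):
    # Assumed composition of "MD5ed twice and salted":
    # md5(md5(password) + salt), hex-encoded at both steps.
    return _md5_hex(_md5_hex(password) + salt)


def register(users, name, password):
    """Store only the salt and the hash; the plaintext is never kept."""
    salt = new_salt()
    users[name] = {"salt": salt, "hash": hash_password(password, salt)}


def login(users, name, entered):
    """Hash the entered password with the stored salt and compare hashes."""
    record = users.get(name)
    if record is None:
        hash_password(entered, "xxx")  # do the same work for unknown users
        return False
    candidate = hash_password(entered, record["salt"])
    # Constant-time comparison of the two hex digests.
    return hmac.compare_digest(candidate, record["hash"])


def force_reset(users, name):
    """Precautionary reset: store a value that no password can hash to.

    A real digest is 32 hex characters, so a non-hex string never matches
    and the account stays locked until a reset sets a new hash.
    """
    users[name]["hash"] = "!" * 32
```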

Zherog
2008-07-24, 07:45 PM
I also recommended that we move to a new server to be absolutely 100% sure that nothing else unnoticeable had happened and Rich is now also paying the hosting company an extra $55 a month for around the clock security monitoring.

That's because Rich is awesome.

Pandaren
2008-07-24, 08:12 PM
Happened to me too, my password changed, but only once. Probably 'cause I don't have PayPal or anything else related to money.

SomethingWitty
2008-07-24, 09:52 PM
<This is Thanatos5150>
So that's been my problem, which is compounded by me being underway and not able to access my civilian E-mail(s).
Sorry about the alt, I really don't care about its fate after today. I've been using it to PM Play-by-Post actions to the Thread Leader.
Thanks for the catch, and the security, Rawhide & Rich!

Rawhide
2008-07-24, 10:56 PM
<This is Thanatos5150>
So that's been my problem, which is compounded by me being underway and not able to access my civilian E-mail(s).
Sorry about the alt, I really don't care about its fate after today. I've been using it to PM Play-by-Post actions to the Thread Leader.
Thanks for the catch, and the security, Rawhide & Rich!

And the alternate email address you gave me bounced.

SomethingWitty
2008-07-24, 11:25 PM
And the alternate email address you gave me bounced.


Possible causes I can think of off the top of my head:

1> I typo'd and didn't and sent -.mil instead of .navy.mil
2> You're sending me the email from a .au address. I know a buddy of mine has had problems corresponding with a friend that had a .ru e-mail.

It shouldn't matter, I'll be back on shore very soon (Can't give exact times for security reasons). I'll just meander down to a wi-fi spot and fix the problem there.
Thanks for tryin', though!

silas the monk
2008-07-28, 03:16 PM
I stopped getting email updates so I changed email. I started getting them again but today I got all the missing emails on the old email address.