|
|
06-25-2016, 12:35 PM
|
#1
|
Rivet Master
2007 23' Safari SE
San Diego
, California
Join Date: Apr 2006
Posts: 1,495
|
Password strength and security
Today I received an email from Toyota RAV4 Forums notifying me that I and all other members have been issued a new password due to a data breach of VerticalScope.com. I signed in with my new password and then followed their directions in their Notice of Data Breach on changing my password to one of my own choosing and how to make my password unique and strong.
They recommend using 10 or more characters with a mixture of upper-and-lower case letters, numbers and symbols... and to not use the same password for multiple online accounts... and to change passwords periodically.
After updating my password on Toyota RAV4 Forums, I then upgraded my password on AirForums and improved its strength, which seems more important than ever in light of the increasing DDOS and brute force attacks seen on AirForums recently and throughout the internet.
This seems like a good time to remind members to review their password strength and security.
|
|
|
06-25-2016, 12:40 PM
|
#2
|
Rivet Master
2007 22' International CCD
Corona
, California
Join Date: Jul 2013
Posts: 9,180
|
Absolutely. Use a longish password that is hard to guess. It does not have to be random. A few different short English words strung together with numbers and a symbol is hard to guess. The trick is to make it as long as a site will put up with.
I had a friend that used a line of Vietnamese poetry, in English characters. It was his favorite, long, and for him easy to remember. A computer password cracker program would not have come up with it because if the length.
I made my living as a paid paranoid in the computer security end of the business. Still do.
Sent from my pocket Internet using Airstream Forums
__________________
Rich, KE4GNK/AE, Overkill Engineering Dept.
'The Silver HamShack' ('07 International 22FB CCD 75th Anniversary)
Multiple Yaesu Ham Radios inside and many antennae sprouting from roof, ProPride hitch, Prodigy P2 controller.
2012 shortbed CrewMax 4x4 Toyota Tacoma TV with more antennae on it.
|
|
|
06-25-2016, 12:42 PM
|
#3
|
Remember, Safety Third
1973 27' Overlander
Catfish Corners
, Georgia
Join Date: Oct 2004
Posts: 5,720
|
Great reminder.
Something else to think about : passwords
Jim
|
|
|
06-25-2016, 03:40 PM
|
#4
|
Rivet Master
Tavares
, Florida
Join Date: Jun 2015
Posts: 1,051
|
I wondered about that.
Verticalscope bought a bunch of enthusiast forums a month or so ago.
Not too impressed that they're having data security issues.
__________________
“Character is doing the right thing when nobody’s looking. There are too many people who think that the only thing that’s right is to get by, and the only thing that’s wrong is to get caught.” - J.C. Watts Jr.
|
|
|
06-25-2016, 04:12 PM
|
#5
|
Rivet Master
2014 20' Flying Cloud
Sag Harbor
, New York
Join Date: Jun 2015
Posts: 17,523
|
Quote:
Originally Posted by Llando88
I wondered about that.
Verticalscope bought a bunch of enthusiast forums a month or so ago.
Not too impressed that they're having data security issues.
|
So this is why I got an email about changing my PW at another site a couple of weeks ago . . .
I don't use that forum much any more so I am going to let that sleeping dog lie for a while . . .
|
|
|
06-25-2016, 04:17 PM
|
#6
|
Rivet Master
2007 22' International CCD
Corona
, California
Join Date: Jul 2013
Posts: 9,180
|
Only if you don't reuse that password elsewhere.....
Sent from my pocket Internet using Airstream Forums
__________________
Rich, KE4GNK/AE, Overkill Engineering Dept.
'The Silver HamShack' ('07 International 22FB CCD 75th Anniversary)
Multiple Yaesu Ham Radios inside and many antennae sprouting from roof, ProPride hitch, Prodigy P2 controller.
2012 shortbed CrewMax 4x4 Toyota Tacoma TV with more antennae on it.
|
|
|
06-25-2016, 04:19 PM
|
#7
|
4 Rivet Member
2016 25' Flying Cloud
Holly Springs
, Mississippi
Join Date: Sep 2015
Posts: 426
|
In today's world, the password should be at least 10 digits, and include upper and lower case letters plus numbers. Used to be 8 digits was enough; no more. Soon 12 digits will be the norm.
__________________
Bob
2016 FC 25' FB twin
2013 F-150 Lariat CrewCab 3.5 EB 4X4 3.55 axle
|
|
|
06-25-2016, 05:25 PM
|
#8
|
Rivet Master
2007 22' International CCD
Corona
, California
Join Date: Jul 2013
Posts: 9,180
|
Some places are requiring 16 now. (Sigh)
Sent from my pocket Internet using Airstream Forums
__________________
Rich, KE4GNK/AE, Overkill Engineering Dept.
'The Silver HamShack' ('07 International 22FB CCD 75th Anniversary)
Multiple Yaesu Ham Radios inside and many antennae sprouting from roof, ProPride hitch, Prodigy P2 controller.
2012 shortbed CrewMax 4x4 Toyota Tacoma TV with more antennae on it.
|
|
|
06-25-2016, 07:21 PM
|
#9
|
Rivet Master
2007 23' Safari SE
San Diego
, California
Join Date: Apr 2006
Posts: 1,495
|
|
|
|
06-25-2016, 08:40 PM
|
#10
|
Rivet Master
2005 19' Safari
GLENDALE
, AZ
Join Date: Aug 2004
Posts: 2,453
|
Here's a link to a news article with details on the VerticalScope hack.
|
|
|
06-25-2016, 10:36 PM
|
#11
|
Rivet Master
2007 23' Safari SE
San Diego
, California
Join Date: Apr 2006
Posts: 1,495
|
Quote:
Originally Posted by Phoenix
|
Thanks, Phoenix, for this link to zdnet.com's news article, " Hacker steals 45 million accounts from hundreds of car, tech, sports forums," that includes this brief excerpt:
"Many of the forums ran versions of vBulletin software dating back to 2007. Most were running software versions that were easily exploitable by hackers with known vulnerabilities."
This article underscores the importance of having a strong password, changing it periodically, and not using the same password on multiple online sites!
|
|
|
06-26-2016, 08:36 AM
|
#12
|
Rivet Master
2014 20' Flying Cloud
Sag Harbor
, New York
Join Date: Jun 2015
Posts: 17,523
|
Thanks for this discussion, password changed.
|
|
|
06-26-2016, 11:46 AM
|
#13
|
Rivet Master
2007 23' Safari SE
San Diego
, California
Join Date: Apr 2006
Posts: 1,495
|
Quote:
Originally Posted by SilverGate
Today I received an email from Toyota RAV4 Forums notifying me that I and all other members have been issued a new password due to a data breach of VerticalScope.com. I signed in with my new password and then followed their directions in their Notice of Data Breach on changing my password to one of my own choosing and how to make my password unique and strong.
They recommend using 10 or more characters with a mixture of upper-and-lower case letters, numbers and symbols... and to not use the same password for multiple online accounts... and to change passwords periodically.
After updating my password on Toyota RAV4 Forums, I then upgraded my password on AirForums and improved its strength, which seems more important than ever in light of the increasing DDOS and brute force attacks seen on AirForums recently and throughout the internet.
This seems like a good time to remind members to review their password strength and security.
|
When I received the email mentioned above, telling me my password had been reset, it included a link to a webpage where I could change my password to one of my own liking. I was impressed that they also included this good advice: "If you suspect this email is a scam, you can confirm the legitimacy of this email by manually navigate to the forum URL yourself and use your new password to log in."
This good advice is further explained in The Seattle Times article of June 24, 2016:
" Instructed to reset password? How to avoid being phished"
|
|
|
06-27-2016, 06:39 AM
|
#14
|
Rivet Master
1977 Argosy Minuet 6.0 Metre
Colorado Springs
, Colorado
Join Date: Dec 2003
Posts: 738
|
A method I have used for years. Pretend you are a novelist preparing a new novel, invent a persona, give them a history, a life, make it as real as you can. Then let the new character pick the password. That way even someone that may know you very well will not be able to guess and you can still remember it easy. And of course, apply the above suggestions about a mixture of symbols.
__________________
Royce (K0RKK) 146.460 simplex
Web page https://spearfishcreek.net/
AIR# 3913
'77' Minuet 6 Metre, behind a 2005 stock Jeep Rubicon with Equa-L-Zer hitch.
|
|
|
06-27-2016, 09:29 AM
|
#15
|
Rivet Master
2007 23' Safari SE
San Diego
, California
Join Date: Apr 2006
Posts: 1,495
|
Feeling better with a stronger password
So after I changed and made my password stronger on Toyota RAV4 Forums, I went to do the same at AirForums. Doing this was long overdue, since I hadn't changed my password since I joined 10 years ago, but it was important to do since we now live in a world with daily cyber-security issues. I was a bit rusty on how to change my password on AirForums, but once I did it, I felt better... and it was easy and here's how I did it:
1. Sign in to AirForums with your current password.
2. Near the top is a dark blue toolbar that has the words "User CP, Clubs, Venders," etc.
3. Click on "User CP"
4. Under the column "YOUR CONTROL PANEL" scroll down to "Settings & Options"
5. Click on "Edit Email and Password"
6. Enter your password, new password, confirmation of new password and click on "Save Changes."
7. Feel better!
|
|
|
06-27-2016, 11:41 PM
|
#16
|
Stay CazuaL
2018 25' Flying Cloud
2014 19' Flying Cloud
Reseda
, California
Join Date: Aug 2014
Posts: 958
|
Here a quick tip about passwords. I know we have a lot, and it is recommend not to have the same passwords. But we all tend to forget. Here are some basics:
1. Uppercase, Lowercase, number and special character is the minimum via 8-10 digits.
2. To help remember use a cypher. For example: Your BFF in Ohio High School was Johnny and YOU played soccer, jersey number 21: So your password cypher can be something like this:
Hsbfsoccer! which your actual password is Ohiojohnny21! - It can be whatever you want it to be. So in your contacts, you put the place of your password. So you can say Bank (don't specify which bank) then inside the contacts, in the notes section, you put the cypher.
3. Here is the breakdown of the cypher Capital 'H' to remind you the first letter is CAPs, it can be where ever of course.
4. Hs should remind you of High School, Ohio
5. bf should remind you of your BFF Johnny
6. soccer should remind you of the jersey number
7. '!' exclamation point to let you know of the special character at the end.
I hope this helps you remember the every confusing password requirements.
|
|
|
06-28-2016, 04:46 AM
|
#17
|
Rivet Master
2020 28' Flying Cloud
Upper St Clair
, Pennsylvania
Join Date: Aug 2011
Posts: 2,943
|
Password protection or more importantly data and identity protection via passwords is in crisis mode right now. Millions of attacks on systems ever day. Our son and our daughter both work in this field for different companies and each company is "hit" by hackers literally a million or more times per day.
A good solid VPN can help individuals the same as it helps major companies so I would suggest folks look into a VPN for their home and travel computers. Then in addition as my IT folks when I worked always had me have everyone with a computer change their passwords monthly - those who did not change could not log in after 31 days. We had millions of attacks, or so I was told, but no breaches and no lose of data, so I was told as my knowledge of such things goes back to trying to find a clean phone booth in Newark NJ as a new sales person.
Bud
__________________
2020 28' Twin Flying Cloud
2021 F350 6.7 King Ranch
USAF Master Training Instructor (TI) & (MTI)- 68-72
Volunteer K9 Rehabilitator & Trainer
|
|
|
06-28-2016, 08:55 AM
|
#18
|
Rivet Master
2007 23' Safari SE
San Diego
, California
Join Date: Apr 2006
Posts: 1,495
|
Quote:
Originally Posted by paiceman
Password protection or more importantly data and identity protection via passwords is in crisis mode right now. Millions of attacks on systems ever day...
A good solid VPN can help individuals the same as it helps major companies so I would suggest folks look into a VPN for their home and travel computers. Then in addition as my IT folks when I worked always had me have everyone with a computer change their passwords monthly - those who did not change could not log in after 31 days...
Bud
|
"VPN" is a virtual private network.
|
|
|
06-29-2016, 10:02 AM
|
#19
|
Rivet Master
2007 23' Safari SE
San Diego
, California
Join Date: Apr 2006
Posts: 1,495
|
Protecting your password from hackers
In the news today: The Economic Times, June 29, 2016:
" Six steps to protect your password from hackers"
|
|
|
06-30-2016, 07:01 PM
|
#20
|
Site Team
1964 26' Overlander
1964 19' Globetrotter
OlyPen
, Washington
Join Date: Aug 2003
Posts: 13,926
|
Lots of good advice here about passwords and security. Just a simple reminder to use unique passwords at various places, most especially banking and similar sites. At the forum we don't store any financial info about members or paypal logins, etc but it merits saying again that you need to be careful everywhere.
As a side note - I have wondered about the merits of leaving my camper unlocked when parked at home. I might rather lose the contents than have the door damaged...
|
|
|
|
|
Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
|
|
Thread Tools |
Search this Thread |
|
|
Display Modes |
Linear Mode
|
Posting Rules
|
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
HTML code is Off
|
|
|
|
Recent Discussions |
|
|
|
|
|
|
|
|
|
|
|