| View previous topic :: View next topic |
|
|
|
 |
|
Hi all,
There is no section for technical issues on this board so I will post this here.
Short version:
AE passwords may not be encrypted. If your AE password is the same as the password you use for anything important, like your bank account, then you should change your bank account password.
Long version:
At work a couple of weeks ago I got an email (indirectly) from the tech guys at work telling me they were testing new security software. The email said that passwords from this website were being sent out into the cyberworld "in the clear" (i.e. unencrypted). The email said that I should change my AE password because they know what it is.
I looked in the phpBB bug database (anyone can look at it) and checked google to see if there has been a bug logged about passwords being sent in the clear. I couldn't find anything about password problems. The only thing I found was that passwords are sent in the clear in an initial email when you sign up - but that is a feature, not a bug.
I didn't ask the tech guys at work more about this because they actually sent the email to someone who has the same first intial and last name as me at work. That person asked me if I could stop doing things at work that make it look like he is goofing off. So I didn't want to point out to the tech guys it was me and not the other guy doing non-work stuff at work. (The other guy said he wouldn't tell on me.)
|
|
 |
|
 |
|
admin
Librarian
|
|
|
|
Dear Rocky,
I don't know in what way the password you type in travels through cyberspace, but in the MySQL database that stores this sites passwords, the passwords are encrypted. Even I won't be able to retrieve it.
Having said that: anything hackable will some day be hacked, so using different passwords on different sites is always a good idea.
Keimpe
|
|
| |
|
|
|
Hatty
Site Admin
In: Berkshire
|
|
|
|
| I went to change the password on my old account cause you never know when the tech guys at work might log on and impersonate you and spout orthodoxy. |
There are privacy laws you know, even in the workplace. My former and ultra bossy boss quite understandably objected to employees using the internet for personal reasons but also understood it was reasonable to do so during slack periods if done discreetly; in fact we would exchange jokey e-mails as a necessary antidote to office insanity. But to take advantage of an employee's password sounds like a serious breach...or were you kidding?
|
|
| |
|
|
|
Mick Harper
Site Admin
In: London
|
|
|
|
| so using different passwords on different sites is always a good idea. |
On the contrary, this is an appalling idea (at least for ordinary folk). The absolute certainty that you will lose passwords and thereby access to important stuff far, far outweighs the problems of being hacked.
|
|
| |
|
|
|
|
|
|
|
|
| Hatty wrote: | | I went to change the password on my old account cause you never know when the tech guys at work might log on and impersonate you and spout orthodoxy. |
There are privacy laws you know, even in the workplace. My former and ultra bossy boss quite understandably objected to employees using the internet for personal reasons but also understood it was reasonable to do so during slack periods if done discreetly; in fact we would exchange jokey e-mails as a necessary antidote to office insanity. But to take advantage of an employee's password sounds like a serious breach...or were you kidding? |
I'm just paranoid now. They sent around an email at work some years ago warning us that Big Brother would not tolerate employees visiting ILikeSqueezingBigTitties.com and other such places, but other than that I thought they weren't watching.
But I guess they are.
|
|
| |
|
|
|
Hatty
Site Admin
In: Berkshire
|
|
|
|
Yes, we had a warning e-mail sent to all staff expostulating about the amount of time-wasting messages being exchanged; it all went unnaturally quiet for a week or so and then the flow started up again. The relentless push of public opinion ignoring the upper echelons. The technical guys are the worst, or the best depending on your POV, in this disregard.
You should be able change your password at work to your own personal choice, just as on this site you're given one at the outset but you can alter it at will. Get friendly with the techies.
|
|
| |
|
|
|
Komorikid
In: Gold Coast, Australia
|
|
|
|
WARNING
To all involved on this site.
The Quest Site has been HACKED.
I have notified Keimpe and he is away for the day so can't repair the damage for a while.
It is advisable not to use any of the forums on the site until the matter is resolved.
|
|
| |
|
|
|
Mick Harper
Site Admin
In: London
|
|
|
|
|
All seems OK now, thanks be to Keimpe!
|
|
| |
|
|
|
|
The Library Index 
FAQ 
Search
Register
Profile 
Log in to check your private messages 
Log in 
