Forum Security

Or Open Agora, should you happen to be a Classical Greek...

Forum Security

Postby Pastor_Mac » Wed Aug 06, 2014 5:59 pm

Reading about the Russian collection of 1.2 billion passwords & 500 million email addys. Seen on Jim Dalrymple's Loop Insight:
The records, discovered by Hold Security, a firm in Milwaukee, include confidential material gathered from 420,000 websites, including household names, and small Internet sites. Hold Security has a history of uncovering significant hacks, including the theft last year of tens of millions of records from Adobe Systems.


Paul, I'd check this via your hosting service. As Dalrymple said that the toothpaste is out of tube but w/ the privacy concerns out of the US gov't and the routine harvesting of credentials by other bad guys I'm getting more and more paranoid. I'm tossing the idea that out on the table if you want to suspend the forum pending further review and/or an overhaul of your authentication system (I'm not a coder so the magic of SQL and the like is all a mystery) then that may be what you want to consider. I'd say if the users need to re-register or whatever needs to be done as users to access the forum and feel that their activity could not be jeopardized by easily getting past a single factor login then we would likely support that decision. But being the fact that websites like this apparently have become easy targets for harvesting credentials I'd do whatever I could to lock it down tighter.

I remember the main gate at Naval Station Mayport in the early 80s and the banter amongst us about almost anyone could get nearly full access. I'm afraid a lot of hobbyist websites have that level of security.
Pax,
Pastor Mac
Pastor_Mac
 
Posts: 164
Joined: Sun Oct 17, 2010 9:37 pm
Location: Northern NJ

Re: Forum Security

Postby Kona » Mon Aug 11, 2014 5:19 pm

Image
The tide is out; please leave a message.
Kona
 
Posts: 264
Joined: Wed Jan 06, 2010 5:54 pm
Location: Enron-by-the-Sea


Return to Open Forum

Who is online

Users browsing this forum: No registered users and 1 guest

cron