StromTrooper banner

1 - 20 of 27 Posts

·
FORUM GODFATHER.....R.I.P. PAT
Joined
·
38,049 Posts
Verticalscope has been working on changing password protocols. Everyone will have to change their passwords and there will be more stringent requirements for format and time limits. I've already had to change my password at AVSForum.com and have seen a notification at subaruxvforum.com

Mods here have just been notified a change is coming. If you change now, you'll be required to change again when everyone is required to change. All members will be notified by e-mail that a change will be required as well as notified on the forum. Changing now and again later or later only are your choices.
 

·
Registered
Joined
·
650 Posts
Seems the "premium" membership $$ havent been going into security...
I,ve yet to hear anything positive about verticalscope. It would seem their security has been on a vertical slope - downwards... GGRRR
 

·
Registered
Joined
·
14,131 Posts
What they want to do with a bunch of moto passwords is a quandary. They are going to steal the combine knowledge of the Krell?
 

·
FORUM GODFATHER.....R.I.P. PAT
Joined
·
38,049 Posts

·
FORUM GODFATHER.....R.I.P. PAT
Joined
·
38,049 Posts
Do it now and you'll need to do it again when the e-mails go out but you won't be sitting on a hacked password until then.
 

·
Official Stromtrooper.com Sponsor
Joined
·
5,144 Posts
Forum user passwords might seem to be worthless. How many of you use the same password for other accounts? How many use an e-mail address ( available here ) and the same password on other sites as a log-in?

I am quite concerned with this. There are MANY businesses that pay to Advertise on this and other Vertical Scope sites. Those passwords and billing access ARE something these hackers want.

Looking into this it is obvious Vertical Scope was not concerned about a Hack. Don't know what they were thinking, running software that is quite outdated. Wake up call for them.
 

·
Administrator
Joined
·
1,128 Posts
So sorry guys! We are aware, we are dealing with it, and you should be getting a password reset email soon if you haven't gotten one already.

We were made aware of the leak a few days ago, and we mass posted to all our sites using a tool we have. Seems this site wasn't included in the tool. I'll be looking into that.

Direct all questions or concerns into this thread please!

http://www.stromtrooper.com/rules-forum-support-help-information-[not-motorcycle-related-questions]/331986-attention-password-security-update.html#post4071634


Kevin
 

·
Vendor
Joined
·
4,656 Posts
Two things come to mind.

Premium members and vendors have given their credit card numbers and information. Are those safe?

The other is how many people use the same password on multiple sites? If so, I hope you didn't use the same password on a site where sensitive information is stored. It's easy to imagine a hacker automating a search of websites using your real name and the known password. Scary stuff.

Edit: I just saw where Terry voiced the same concern. +1.
 

·
Vendor
Joined
·
4,656 Posts
Thanks Condor,

Here is an excerpt from the linked site.

At stake is more than just your forum identity.

Often in attacks like these, hackers sell the stolen database on the black market. With a compromised email and password list, hackers then can run the entire 45 million logins through other, more critical websites.
For example, they would take a compromised Gixxer.com login, and see if it works at any of the major banking institutions. Other attacks can target social media accounts or other services that have even more personal information, like your address, social security number, bank account, etc.

Using automated systems to brute-force these attacks, hackers can blow through a list like VerticalScope’s in days, if not sooner, depending on how much computing power they can throw behind it.



The god news was here. "Thankfully, more personal information, and credit card information, was not included in the breach."

So if you used the same password for Verticalscope sites and financial sites or email, go change those passwords now.
 

·
Registered
Joined
·
466 Posts
#1 you just plain should not use the same password for any two different sites/forums/accounts.
#2 your passwords should have some complexity like upper and lower case mix, and some extended characters like ([email protected]#$%^&*).
#3 using a password manager makes managing these much easier. I use KeePass and it has an Android version as well.
 

·
#motoref
Joined
·
224 Posts
I started using LastPass. After a little fumble during my initial setup, the more I put into it - the easier my life has become. With passwords like "V2z^[email protected]$E*mQ" it gets really kinda hard to figure it out!

*NOTHING* is 100% secure, but I trust LastPass more than I trust stromtroopers.com! I think I have 3 things using the same password.
 
1 - 20 of 27 Posts
Top