Hard Light Productions Forums
Site Management => Site Support / Feedback => Topic started by: AthlonBoy on March 28, 2009, 11:50:47 am
-
I recently signed up to these forums to do work on the Boanerges. Literally days later, my Steam account is hijacked. It uses the same e-mail that I used on these forums, and the same password (not that saying this matters now). My security-concious friend tells me the SMF software these forms use is "terrible".
I have to ask this. Is this forum secure? Are the e-mails and passwords kept locked up?
No need to suggest other reasons for my Steam hijacking, I'm already looking into them all. I just want to cross this off my list of suspects.
-
I haven't had any problems with it :nervous:
-
Correlation doesn't imply causation, and I would think a weak password and foul luck would be far more likely culprit.
It is of course a possibility that if you use same password for many services, one of them has had a security leak of some kind. But it's still a stretch that someone would have connected your HLP account with the Steam account... unless your E-mail itself is compromised.
At any rate using same password for many purposes - especially non-important and important purposes alike - is very much not advisable...
-
I haven't had any issues in the four years that I've been here.
-
No issues here.
-
/me doesn't even have a Steam account
-
Sorry to hear that, Athlon, but as far as I know we've never heard of any problems coming from outside the community.
Various unsavory types from within the community have been known to cause trouble, but nothing like what you've experienced.
-
*cough* an0n *cough*
-
Well, fair enough.
Nothing personal, but if a woman was killed by a serial killer, you'd question the husband as a suspect until that was proven. I'm just looking into all avenues.
-
I haven't had any issues in the four years that I've been here.
Make that three years for me. I've never had security problems. Even telling Dysko what my password was lead to nothing because it was difficult to spell. :p
-
Not to knock Athlonboy down a notch, but if there was an issue with security, "new guy's Steam account" wouldn't be my first pick.
I bet there is a ton of good stuff here to break into.
-
BTW, did you get your steam account back under control all right?
-
*cough* an0n *cough*
Actually, when an0n found the new forums, he complimented us on our choice of SMF, due to SMF's security.
-
Well he would know...
Not to be roasting an0n or anything, I find him to be quite entertaining. :nervous:
[/offtopic]
Carry on.
-
It sure was an 'anon' who hijacked me. He changed my picture to the classic black-and-white tuxedo, which is a bit of a giveaway. As a veteran of internets, I know what anon is, and that you shouldn't take them seriously. Don't feed the troll, and all that.
A friend of mine had a chat with the hijacker. He claims he did indeed exploit some flaw in the MySQL of these forums. The way I've put that might sound incredibly silly, but I know nothing of SQL or of forums. Maybe an admin should check. 'Course, he may just be yanking our chains.
-
It sure was an 'anon' who hijacked me. He changed my picture to the classic black-and-white tuxedo, which is a bit of a giveaway. As a veteran of internets, I know what anon is, and that you shouldn't take them seriously. Don't feed the troll, and all that.
Actually, the specific "an0n" they're referring to is a singular entity who predates the more recent "Anon" phenomenon by quite a bit. And from what I understand, this isn't the sort of thing that would be up his alley.
-
Aye, the singular an0n lives on a level far below the recant Anon phenomenon. *shudders as he remembers his lurking days and the permanent scarring*
-
SMF encrypts passwords before putting them in the database, so I don't buy this for a second. More likely is you had some sort of keylogger on your computer already, and your combination of email/password you typed in when you registered was used on any common websites you've visited.
-
:lol:
I've seen some of his posts, does he still go on here?
I can't offer much advice topic-wise, I don't have a steam account
-
He does indeed still go on here but much less, and his posts are rather less disturbing. Except for the Lime in the Coconut one.
-
To be honest, for all his habits when he used to be here, I always kind of liked him, most of the time, he was just downright hilarious, but the problem was he enjoyed being close to the line with Forum policies, and occasionally, he'd cross it.
Sorry to hear about the password thing, AthlonBoy,, I tend to use a selection of different passwords, with three active at one time (since most sites give you three tries to enter the password, so if I forget which one is for a particular site, I can try all three)., I tend to find that helps.