phpBB2Refugees.com Logo
Not affiliated with or endorsed by the phpBB Group
Register •  Login 

Continue the legacy...

  Index • About • Contact Us • Privacy Policy • Rules
FAQ • Search 

Welcome to all phpBB2 Refugees!Wave Smilie

This site is intended to continue support for the legacy 2.x line of the phpBB2 bulletin board package. If you are a fan of phpBB2, please, by all means register, post, and help us out by offering your suggestions. We are launching the site now in order to start building a community and a support network. Our second goal is to create a phpBB2 MOD Author and Styles area. Right now we're still considering our options for those areas of the board, so it's a great time to provide your input.

Password concerns - phpbb.com compromised


  		Search this topic... | Search Board Announcements... | Search Box
Register or Login to Post    Index » Board Announcements  Previous TopicPrint TopicNext Topic
Author Message
phpBB2 Refugees
Camp Leader
Camp Leader



Joined: 24 Jul 2008

Posts: 60
Location: I Live Here
PostPosted: Wed Feb 04, 2009 2:47 pm 
Post subject: Password concerns - phpbb.com compromised
I don't think this is new news to anybody but phpbb.com has been offline for quite some time due to a successful hack of the phplist software. Note that it was not the phpBB software that was the entry point for the attack. This situation reinforces the idea that if you run your own server you have to secure all points of entry.

As a result of the hack the phpBB.com user database has been compromised. This means that email addresses used to register on that site are out in the wild now, and you may expect to receive spam on those accounts. If you have the opportunity to change your email address it might be a good idea. This also means that the hashed passwords have also been released. If you use the same password on more than one site (which in our opinion is never a good idea anyway) it's time to change them. If you have logged in at least once on phpbb.com since the conversion to phpBB3 then your password has been rehashed with the newer more secure algorithm. However, if you have never logged on to phpbb.com since the conversion then your password is still stored using the weaker md5 hashing process.

If you use the same username and email address and password to register here, we strongly encourage you to change at least your password. If you do change your email address remember that you will have to reactivate your account. Thanks.
_________________
Long Live phpBB2 icon_biggrin.gif
Back to top
Display posts from previous:   
Register or Login to Post    Index » Board Announcements  Previous TopicPrint TopicNext Topic
Page 1 of 1 All times are GMT
 
Jump to:  

Index • About • FAQ • Rules • Privacy • Search •  Register •  Login 
Not affiliated with or endorsed by the phpBB Group
Powered by phpBB2 © phpBB Group
Generated in 0.1805 seconds using 14 queries. (SQL 0.0027 Parse 0.1681 Other 0.0097)		 phpBB Customizations by the phpBBDoctor.com
Template Design by DeLFlo and MomentsOfLight.com Moments of Light Logo