[phpBB Debug] PHP Warning: in file [ROOT]/includes/functions_content.php on line 685: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/functions_content.php on line 685: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/functions.php on line 5149: Cannot modify header information - headers already sent by (output started at [ROOT]/includes/functions.php:4121)
[phpBB Debug] PHP Warning: in file [ROOT]/includes/functions.php on line 5151: Cannot modify header information - headers already sent by (output started at [ROOT]/includes/functions.php:4121)
[phpBB Debug] PHP Warning: in file [ROOT]/includes/functions.php on line 5152: Cannot modify header information - headers already sent by (output started at [ROOT]/includes/functions.php:4121)
[phpBB Debug] PHP Warning: in file [ROOT]/includes/functions.php on line 5153: Cannot modify header information - headers already sent by (output started at [ROOT]/includes/functions.php:4121)
www.below-the-fold.com • View topic - If locked out due to password attempts Please READ!

If locked out due to password attempts Please READ!

If locked out due to password attempts Please READ!

Postby Brunski » Thu Jan 13, 2011 2:13 pm

Hello everyone,

Recently we have had several users get locked out because failed number of password attempts and I wish to take a moment to explain why it may happen and ways you can get help if you can not read the security measure.

First, what causes this security measure:

You or someone attempting to login as you enters or mistypes the wrong password and after several attempts it "locks" the account.

Next:

After the account is "locked" entering the correct password is no longer the only thing that you must enter you must also enter the security measure as well.

The problem:

The security measure is for a host of reasons is not viewed by the user..

The solutions:

You can create another account and ask us to help with this problem (either PM or in forum) and one of the Admins will reset attempts for you.

Side Note: If you can not verify the account for some reason, all Admins receive an email for new accounts created ie.Brunskicantlogin kinda tells us we have to fix something if you wish to be creative :).

Contact any Admin or Moderator via another method you can reach them and the Admins will reset it for you asap.

Concerns you may have:

Wouldn't someone posing as me request an unlimited security measure requests until they get the correct password? While it is possible, the feature is logged by which Admin(s) resets it. Also all login and failed logins are logged for your protection so any strange behavior should be picked up fairly easy by anyone looking at the logs. The reset feature, and the logs mentioned are Admin access only.

Can Admins or Moderators see passwords or what was entered as a password?

No, all passwords are encrypted in the database and what is entered by the user is not shown in an log An Admin can reset said password for you if you can't reset it yourself for whatever reason, however we will contact you thru a known way to connect with you before doing so..

Was my account attempted to be hacked into if I don't know if I keep entering the wrong password?

Hard to say based on logs, however it does point that someone was trying to something unsuccessfully and it depends on the user name in question.

Should I change the password once I successfully access my account?

While it is recommended for you to do so, we will leave it to you do as you wish.

If I have any other concerns?

Contact Brunski in this thread or privately as he knows the most about the feature and can answer it questions about it best.

Thank you,

The Staff of Below The Fold
User avatar
Brunski
 
Posts: 1409
Joined: Sat Aug 30, 2008 7:48 pm
Location: Unkown at this time.
Print view this post

Re: If locked out due to password attempts Please READ!

Postby Brunski » Wed Jan 19, 2011 12:26 am

Someone asked about the logs Brunski refers to...

as an example of one of the logs contains the following at the time of posting this:

Username (senstive data removed) Time Action
Brunski (senstive data removed) Wed Jan 19, 2011 12:10 am Connected successfully to ACP

Anonymous (senstive data removed) Wed Jan 19, 2011 12:02 am Failure - non-existent user» Karpanas

Brunski (senstive data removed) Tue Jan 18, 2011 11:57 pm Connected successfully

Anonymous (senstive data removed) Tue Jan 18, 2011 11:29 pm Failure - non-existent user articlecrtwehj

KarlChilders (senstive data removed) Tue Jan 18, 2011 11:24 pm Connected successfully (Autologged)(senstive data removed)

Anonymous (senstive data removed) Tue Jan 18, 2011 11:10 pm Failure - non-existent user hetspeespink

Emma (senstive data removed) Tue Jan 18, 2011 10:58 pm Connected successfully

Emma (senstive data removed) Tue Jan 18, 2011 10:56 pm Connected successfully

Brunski (senstive data removed) Tue Jan 18, 2011 10:27 pm Connected successfully to ACP

Brunski (senstive data removed) Tue Jan 18, 2011 10:26 pm Connected successfully

Anonymous senstive data removed) Tue Jan 18, 2011 10:10 pm Failure - non-existent user » eldectite

CaughtInTheMid (senstive data removed) Tue Jan 18, 2011 10:08 pm Connected successfully (Autologged) (senstive data removed)

Anonymous (senstive data removed) Tue Jan 18, 2011 10:08 pm Failure - non-existent user » bhsnfriendz

terms defined:

Autologged is where the user has a cookie that permits to user to log in with out entering the username and pw every time. Autologged may also show where they landed (ie bookmark)
ACP=Administrator Control Panel which requires being an Admin or Admin like access.

the purpose of the logs is to trace any problems (such as someone trying to hack into the board or hacks into an account and changes the user's email/pw etc..)

Anymore question please do not hesitate to ask..
User avatar
Brunski
 
Posts: 1409
Joined: Sat Aug 30, 2008 7:48 pm
Location: Unkown at this time.
Print view this post


Return to American Politics

Who is online

Users browsing this forum: Majestic-12 [Bot] and 7 guests

Site Meter
cron