Pontiac Solstice Forum banner

1 - 20 of 20 Posts

·
Administrator
Joined
·
478 Posts
Discussion Starter #1
Hey Team,

Over the 2 weeks we will be implementing some changes to our forum password strength and password expiration policies. To make sure you continue having the best experience possible on the community, we regularly monitor the site and the Internet to keep everyone's account information safe. We've recently become aware of a potential risk to some accounts coming from outside of this community. Just to be safe, we are implementing the following changes to improve security even further:

1) We are asking everyone to change their passwords (and will force a onetime reset). Along with every user on the forum, new passwords will need to be more complex, and can't be simple words (sorry, you can't have "fluffy" as your password anymore!). Please use a password unique to this community. Reusing passwords can expose your account indirectly when other websites (Twitter, Linkedin, Badoo, etc) are compromised; and

2) Your passwords will expire on a 180 day basis. When you login on the 181st day, you will have to change it. You guys and girls all have the highest level of access in our communities and this will help protect your accounts.

All other users on the community will have 365 day expirations. We'll also be sending out an email to users to let them know about the changes, in upcoming weeks.

We are testing and rolling out the changes slowly to ensure that they do not cause unforeseen issues with current plug-ins and products on the site, we will let you all know the day before it goes live.

I also ask that you help us with ensuring all users are being heard and we are answering everyone’s questions. We will be posting an announcement up to the community shortly and want to keep all chatter about this issue and any potential security issues in one place. If you see a user talking about this topic in a section outside of the announcement, please either move the post, or remove it and direct the user to the original thread. We greatly appreciate your help in this. If you have any questions please post them below.

Thanks all,

Helena Barclay

Community Management
 

·
Administrator
Joined
·
9,188 Posts
Wow, I would think moderators and admins have a higher level access ?!?

You give me the feeling this message is not for the general forum user but for the forum-team.
Yes, mods have a high level of access and I have acces to a bit higher.

The Moderation team did receive this message prior to the general forum.
 

·
Premium Member
Joined
·
370 Posts
Our way of life these days....

After signing into Fort Knots I mean the SolsticeForum.com and now fighting my way through a dilemma..

As a "Life Time Member" I was NOT able to post a message on this site.
As a "Life Time Member" my PM Box was full with only 5 Personnel posted messages by me occupying the folder.

:wtf: All these functions showed that they were turned off:
You may NOT post new threads
You may NOT post replies
You may NOT post attachments
You may NOT edit your posts
BB code is Off
Smilies are Off
code is Off
HTML code is Off

As of now I don't even know if this message will be posted in this "[i]Attention – Security Issue Reply to Thread[/i]" thread.
Here are some pic's of a "Life Time Member" accessibility's to the Solstice Forum..

Welcome, MARVIC 1. Visited Yesterday 09:59 PM Private Messages: Unread 0, Total 10.
Your PM box is 100% full.
[b]Verification Required You are not fully registered.[/b] Please follow this link or check the email inbox associated with your account to complete your registration process.

[img]http://www.solsticeforum.com/forum/attachment.php?attachmentid=60033&d=1466274672

This Picture here shows my: Join Date, Registration Status and membership access.



A PM message was left to the Administrator by me with no reply or fix as of yet.

:rant:

.

.

.

.
 

Attachments

·
Registered
Joined
·
86 Posts
Just got had to reset password again, did we get hacked again?
I had to reset my password two days in a row. Now I try not top close the browser so it will not log me out. Has worked for now........have closed it and reopened in the same day with no problems so far.
 

·
Registered
Joined
·
8,255 Posts
Every time I request a new password (multiple times) and log in

I then try to change my password to one I WANT

I do it all properly (have been a forum member 10 years now)
but when I click on Save changes...the yellow box goes to "fade" but does not accept my changes

W H Y ????
 

·
Registered
Joined
·
384 Posts
Every time I request a new password (multiple times) and log in

I then try to change my password to one I WANT

I do it all properly (have been a forum member 10 years now)
but when I click on Save changes...the yellow box goes to "fade" but does not accept my changes

W H Y ????
Possibly try a different browser and/or clear all the cookies in your current browser to see if problem is with those.
 

·
Premium Member
Joined
·
702 Posts
After getting the e-mail with my temporary password, I logged on and changed it. I logged off yesterday, and just logged on again today with no problem. :confused:
 

·
AKA SolWhat?
Joined
·
10,234 Posts
Every time I request a new password (multiple times) and log in

I then try to change my password to one I WANT

I do it all properly (have been a forum member 10 years now)
but when I click on Save changes...the yellow box goes to "fade" but does not accept my changes

W H Y ????
Are you sure your NEW password meets all the requirements?

Must be at least 10 characters
Must contain lower-case characters
Must contain upper-case characters
Must contain numbers
Must contain symbols

Have you reentered your old password (the one assigned by the administrators)?
Have you entered the new Password twice (in both the spaces provided)

:dunno:

.
 

·
Registered
Joined
·
397 Posts
This isn't a bank web site and the new password rules are irritating.

Every site that I join, from banks, credit cards, utilities billing, to forums, has different rules and I get tired of making up and remembering new passwords. It's gotten to the point that I have to write them down, making my passwords less secure.

While I appreciate the increased attention to security, I think the new password rules go too far.
 

·
Administrator
Joined
·
478 Posts
Discussion Starter #11
Hey guys,

I just want to post here to shed a little more light on the situation, at least as much as we can provide at the moment.
As mentioned below, if you guys have any questions feel free to ask.

A 3rd party plugin that we and other networks use had it's developers' compromised. Their DB was breached and data was scraped. I can't ID the plugin as it's under legal investigation. However I can say that it had access to user data because it functions separately from the vb software. Many plugins do this, chats, news letters, mobile apps etc. This is not an active breach, however as a precaution we did initiate security updates including password changes and new pass requirements.

Their system was compromised and they grabbed user data for us and thousands of others.
We cleared our part of the breach and went this route to further security.
This is also in place as many members on the internet use the same or similar passwords across all things they use.

Hackers who have access to these accounts, may be able to access other platforms where the same email and/or passwords are used.
Other platforms have been compromised as well, including Twitter, Linkedin etc. We are just trying to get ahead of this, and nip it in the bud as soon as possible.

We cannot go into detail at the moment as it is being dealt with on a legal level.

Though this breech happened in Feb, we were not notified until very recently. We worked hard to find a solution for this mess, and acted on it. Though it may not be ideal in some eyes, it is the best we have access to ATM.
Once the storm settles we may look into other methods for our security, but right now we ask that you be patient with us.

As for us not responding to members, you have to understand our community support team watches over many sites. Luckily this week and last, we have had many members from other teams offer help. With that said all emails sent to our Contact Us email will be dealt with. Granted, it may take a little time for us to get to all of them, but please be patient with us as we are working really hard to catch up and help everyone.

If there are any other questions/concerns/feedback, please feel free to post them here.

Thank you for your patience and understanding,

Richard.
 

·
Premium Member
Joined
·
366 Posts
Too much security?

I LOVE this forum but it seems like the security is excessive. It logs me off in less time than my bank or PayPal and I really do not have much to hide here, a user name and what car I drive. Sites with similar levels of info let me log in for two weeks at a time. And to top that off I cannot easily log on from a new device. I am traveling currently and away from my desktop and have had to go through a separate IP address verification for my phone, iPad and laptop. Really? I can log on to eBay and buy a new Solstice with less effort. Let's make the forum user and mobile device friendly, please.
 

·
Administrator
Joined
·
478 Posts
Discussion Starter #14
I LOVE this forum but it seems like the security is excessive. It logs me off in less time than my bank or PayPal and I really do not have much to hide here, a user name and what car I drive. Sites with similar levels of info let me log in for two weeks at a time. And to top that off I cannot easily log on from a new device. I am traveling currently and away from my desktop and have had to go through a separate IP address verification for my phone, iPad and laptop. Really? I can log on to eBay and buy a new Solstice with less effort. Let's make the forum user and mobile device friendly, please.
It is a tougher password that is required for the site, however you can always simplify them so its not so hard to remember.

for example Password#1

Thank you so much for your feedback :)

~ Glenda
 

·
Registered
Joined
·
4 Posts
Hi all,

This is AeroDave from the older forums. I am one of the founding members, owner of Solstice first 1K #0051. I can no longer log on with my old account because I don't come here often anymore and my old password has apparently been erased. I can't use the usual password reset procedure because I have since changed my email from what is on file from nearly 12 years ago.

I still like to check in every now and then and have more questions now that my daily driver Solstice is getting up there in age. I cerated this account just to ask for help getting back to my old account.

Thanks in advance! Dave
 

·
Administrator
Joined
·
478 Posts
Discussion Starter #16
Hi all,

This is AeroDave from the older forums. I am one of the founding members, owner of Solstice first 1K #0051. I can no longer log on with my old account because I don't come here often anymore and my old password has apparently been erased. I can't use the usual password reset procedure because I have since changed my email from what is on file from nearly 12 years ago.

I still like to check in every now and then and have more questions now that my daily driver Solstice is getting up there in age. I cerated this account just to ask for help getting back to my old account.

Thanks in advance! Dave
Hey Dave,

Can you PM me with the email address that is attached to your original account, as well as which email you want connected to your account.
I can merge your accounts, and set it up as requested and send you a new password.

Richard.
 

·
Registered
Joined
·
733 Posts
Please check the security settings of the forums:

- The IP check is overly aggressive, keeps logging me out in Tapatalk and desktops
- HTTPS SSL is broken, it redirects to 10thcivicforum.com
 

·
Administrator
Joined
·
478 Posts
Discussion Starter #18
Did adding https to the site work for you before? I don't think it was supposed to. We're going to be add support for it to the site in the near future.

You shouldn't be getting IP checks from the site. What does the site say when you get one?

Kevin
 

·
Registered
Joined
·
733 Posts
1 - 20 of 20 Posts
Top