Change your Passwords Now, and Regularly!
We havnt had a chance to create a Topic and explain about what really happened since vBulletin-Mods went offline for more than a year. While some of our old members are aware of what really happened and why, but some of them are not. The main reason for being offline is because we were all busy. But what really caused us to have a little break was because of 1 or 2 incidents that the forums was Defaced/Hacked by some known hackers. And because of too many security breaches we had not much time or efforts left to secure the forums right away and start again. So that was the main cause of vBulletin-Mods being offline for more than a year.
The first time the forums was hacked, they afterwards contacted vBMods owner Tempus and cleared up their mess and took their part of the responsibility. Which I think was a cool thing to do. But then it happened again a few weeks later. And this time it was done by some unknown hackers / kids. They also managed to get SOME if not ALL of the our Users info from the Database such as Password Salt/Hashes, Emails, Usernames.
And we believe because of their frustration about vBMods always getting back online after each attempt, they tried to Post/Publish our User Details on our Index Page. The Information was immediately removed again by us from our Index Page. But We still wont take any chances. And this is why we had to make this Topic and let everyone know about Changing their Passwords asap.
And this Topic is based on the last incident. So far we very sure that the Passwords Salts/Hashes has not been LEAKED in Public or in wrong hands. Because of the Leaked Passwords Salts/Hashes on our Frontpage this is our duty as a Great Forum to keep everyones Privacy intact as possible.
Right now our highest and first priority is to inform everyone about what really happened and to make sure it doesnt happen again. I am sure that Tempus will soon add a notice to everyone in PM or on each Login.
So here are a few tips and advice (and a reminder) to keep in mind when creating and changing passwords:
First and foremost, before you read on, Change your password if you haven’t already. We also recommend our Staff, Mods who havnt been available or online since we came online, including everyone else to do the same thing immediately. Particularly members with a VIP or Paid Subscription.
1. Change your passwords regularly
Changing passwords regularly is highly recommended; preferably at least once a month. This is NOT about vBulletin-Mods, but in General. No matter which website or forum you join, or what type of environment you are joining. It is often the case that users does not care about changing their passwords every so often. But we guarantee that this will help to keep you safe online.
2. Do not use the same password on every site or forum online
Avoid using the same password for every single website/forum, software or any other types of subscriptions or registrations. If you have a problem remembering all of them, write them down and keep the document in a safe place, not in everyday public view. Security experts do not recommend writing down passwords but it’s a better option than having one password for everything. Do not save the document on your computer with an easy filename such as ‘password list’ or stick a yellow note under your laptop with your login password (and yes, people do that).
3. When you re-use a password, then always use a different password for your email account
Now days many users online are tempted to use the same password for all their logins. As a minimum, users should have a password for their email account separate from all their other Application Passwords etc.
For this matter, or if you are a person that cant remember things easily, then please check the next Step, Step 4 and use our new "Password Generator" Software made for vBulletin-Mods Members to remember their Passwords by saving them. You can also use the Software to Generate any type of Passwords, with any Length or Character.
Your email address contains much of the information an intruder would need to hack your other accounts, as many web sites and services use a person’s email address as their login username. Passwords for your banking services – including sites such as PayPal – and sites where your credit card number is on file, should also be unique. If you use the same password for many sites and one is compromised, you are most vulnerable on sites where an intruder could actually steal money or order merchandise and charge it to you.
4. Use passwords with a secure length / Or use an Online Password Generator
A good password is at minimum seven characters long and has letters, numbers and non-alphanumeric characters, and the simpler the password is, the easier it is to crack. To create a secure password that is still easy to remember. And if you really think that using a Password as such as "1l0vevBM0ds" will keep you safe, then dont think that.
There are Plenty of Password Generators. If you doesnt trust these Online Password Generators, then use one from a known Website or example from "Norton's Website" at Norton.com Link below!
vBMods Password Generator
We have made a small Software Tool for you to Generate Strong Passwords with any Length or Type. You can also save your Passwords for each application if you have hard time remembering your Passwords
Here is a Screenshot, and you can Download the Software from the Attachments below.
5. Avoid logging into sensitive websites such as banking or PayPal over public networks
Please make sure to pay attention when accessing sites over public networks. Just to let you all be informed. We are hosted by Godaddy which is very much one of the SAFEST Web Hostings.
Not only that they have safe severs, but they do have Scanners taht scans each and every folder daily for Maleware or other types of viruses. Remember that Malicious operators can capture traffic on a network in a public place and steal data such as login information. If you must connect to the internet on public machines or using an open Wi-Fi network, always log out and do not click ‘OK’ if asked if you want the browser to remember your login information.
Remember always to delete and clear your browser cookies and cache, includign your browser history and temporary files when you have finished. That will remove some traces of your activity from prying eyes. Relying on this advice alone will not guarantee full protection against a data theft or hacking attack, but in conjunction with general best practice will help to reduce risk considerably. Remember, you should generally only access websites, software and services you trust, and should also ensure the computer you access from is as secure as possible by installing all critical software patches, using a firewall and running up-to-date antivirus software.
This was Brought to you by ChiNa & vBulletin-Mods.co.uk