phpBB2Refugees.com Logo
Not affiliated with or endorsed by the phpBB Group

Register •  Login 

Continue the legacy...

Welcome to all phpBB2 Refugees!Wave Smilie

This site is intended to continue support for the legacy 2.x line of the phpBB2 bulletin board package. If you are a fan of phpBB2, please, by all means register, post, and help us out by offering your suggestions. We are primarily a community and support network. Our secondary goal is to provide a phpBB2 MOD Author and Styles area.

Password concerns - phpbb.com compromised


 
Search this topic... | Search Board Announcements... | Search Box
Register or Login to Post    Index » Board Announcements  Previous TopicPrint TopicNext Topic
Author Message
phpBB2 Refugees
Camp Leader
Camp Leader



Joined: 24 Jul 2008

Posts: 90
Location: I Live Here


flag
PostPosted: Wed Feb 04, 2009 10:47 am 
Post subject: Password concerns - phpbb.com compromised

I don't think this is new news to anybody but phpbb.com has been offline for quite some time due to a successful hack of the phplist software. Note that it was not the phpBB software that was the entry point for the attack. This situation reinforces the idea that if you run your own server you have to secure all points of entry.

As a result of the hack the phpBB.com user database has been compromised. This means that email addresses used to register on that site are out in the wild now, and you may expect to receive spam on those accounts. If you have the opportunity to change your email address it might be a good idea. This also means that the hashed passwords have also been released. If you use the same password on more than one site (which in our opinion is never a good idea anyway) it's time to change them. If you have logged in at least once on phpbb.com since the conversion to phpBB3 then your password has been rehashed with the newer more secure algorithm. However, if you have never logged on to phpbb.com since the conversion then your password is still stored using the weaker md5 hashing process.

If you use the same username and email address and password to register here, we strongly encourage you to change at least your password. If you do change your email address remember that you will have to reactivate your account. Thanks.

_________________
Long Live phpBB2 icon_biggrin.gif
Back to top
Display posts from previous:   
Register or Login to Post    Index » Board Announcements  Previous TopicPrint TopicNext Topic
Page 1 of 1 All times are GMT - 4 Hours
 
Jump to:  

Index • About • FAQ • Rules • Privacy • Search •  Register •  Login 
Not affiliated with or endorsed by the phpBB Group
Powered by phpBB2 © phpBB Group
Generated in 0.0324 seconds using 16 queries. (SQL 0.0067 Parse 0.0004 Other 0.0254)
phpBB Customizations by the phpBBDoctor.com
Template Design by DeLFlo and MomentsOfLight.com Moments of Light Logo