Started by MountainDon, February 25, 2011, 05:30:09 PM

Previous topic - Next topic

0 Members and 1 Guest are viewing this topic.


I seldom "shout", use all caps, but I think this might require it.

A week or so ago I noticed an abnormally large number of failed members attempts to login. All were for the password being incorrect. I recognize most of the names as "the usual crowd" of those who post as well as a number who are behind the scenes lurkers. On closer inspection I found a failed attempt for my own login at 5:41 AM today. I was definitely asleep at that time. The IP was out of San Francisco and I was definitely in NM. Something fishy going on.

A few other checks found several of our active member names attempting logins from IP addresses even further afield; Romania, Russia, Turkey, Netherlands, and so on. These are obviously a new form of spam attack. I assume robots have accessed the site as guests and harvested user names from the posts that are displayed. Then someone or someone's robot attempts to login, using what for a password I can only guess as the system only records that an error event has occurred, but not what information was entered.

The good news is that at present there has not been a mass attack on any one user name. They come in spurts 4 to 10 minutes apart, assorted changing names.

The danger is if someone has a simple password, at some point they may get lucky and be able to login. Checking a couple of anti spam resource boards this does seem to be a new phenomenon. Nobody I've come across has had a known break in. Who knows what they are after? Do they simply want to post spam? Is there a more malicious aspect as in deleting material?

So to the point of the matter. Make certain you have a difficult password. Something that by chance could not be guessed. We already have a password info thread and it is HERE.

Just because something has been done and has not failed, doesn't mean it is good design.

glenn kangiser

hmm possibly I may need to upgrade to a more secure password.  Rumpelstiltskin.... yeah.. that's a good one.....

Just kidding...  [ouch]

Thanks, Don ... will they never tire of messing with us?
"Always work from the general to the specific." J. Raabe

Glenn's Underground Cabin

Please put your area in your sig line so we can assist with location specific answers.

John Raabe

Interesting Don, very interesting.

Maybe time to update the old password - put in a number or symbol.
None of us are as smart as all of us.


Reflecting on the "why" of this I came up with a new thought. Perhaps they are not spammers. Perhaps they are after tidbits of personal information? There's not much in the user profile, but some of us have inserted birthdays. The IP can be used to obtain a general geographic fix.

Maybe armed with an ID and a password someone could try to locate more important stuff elsewhere?   ???

A puzzle to me.  Ideas gladly accepted.

note: I deleted some of the non essential comments, mine included, on this topic. I wanted to keep this to the bones if at all possible.

Just because something has been done and has not failed, doesn't mean it is good design.


No fresh ideas... :(

But further confirmation of the need for secure passwords.

I have several email accounts on various providers - ATT - Google - Yahoo - and I'm sure there are some other older ones I can't even remember.

A year ago Christmas we were in Big Bend NP area and all of a sudden I found my primary Yahoo account had been compromised and I was sending SPAM to all on my email contact list. 

An immediate change in password stopped that action, but my friends had their email also compromised.  Several reported that the SPAM did not stop just because my account was not the source.

Complex passwords are a pain in the tuchus.  You know it the same as I do.  But with criminals getting more sophisticated with their methods, complex passwords are more and more a necessity.

It's recommended that a good secure password use CAPITOL letters, Special symbols - #-@-%-^ and etcetera, plus numbers 0 through 9. 

One random example (made up this instant and not in use by me) would be "&TitRalac0987~".  And yes, Titralac is a good antacid.  :)

Please also remember that for those of us that use on-line banking - it is recommended that that password be unique and not in use on any other login or account.  Make that one a tough nut to crack. [chainsaw]