The Combine Forum banner

41 - 60 of 141 Posts

·
Registered
Joined
·
671 Posts
Geez! Just jumped through all the hoops. BTW admin crappy instructions and as usual no email. Thank goodness some guys here are better than you are at telling us how to find the reset password link. Sooooo I'm assuming by all this new stuff that Hillary owns this site now???
 

·
Registered
Joined
·
5,856 Posts
So i've done the password change twice now. Hopefully not a third time.

Yes the 10 possible unique entries from the wide unicode character set is excessive. Individual accounts are rarely hacked - pointless, rather the list of emails from the server are taken. They are only after valid emails, where the real $$ value resides, because you can't use fake ones as replies are required.
 

·
Registered
Joined
·
4,091 Posts
Took me a while to get my password reset also. The login box at the top of the page is not working. Just returned an error about a tmp directory on the server that's not writable. So something is broken there. Thanks for those that figured out to click on "Register."

As to why this password reset, it's all because the company that hosts this and many other forums forums got completely hacked and all the usernames and password hashes (not the actual plain text passwords) were nabbed by the bad guys. That they were able to get into the server and copy the login information database is serious enough, but ordinarily password hashes aren't easy to turn back into actual passwords. However in this case it appears the hashes were not created properly so they were very trivial for the bad guys to turn back into actual passwords. So if you used the same username and password on any other site, particularly important ones like banking, change those passwords immediately as someone out there now knows what they are. That people often use the same usernames and passwords with very important sites and with the not important sites makes these password breeches particularly serious.

Unfortunately turning up the complexity requirements for password strength does not actually help anything. Even if I meet all their new requirements, the password still isn't that secure. Even worse, it makes passwords harder to remember so people have to write them on post-it notes. A better way would be to allow simpler passwords but allow (encourage) them to be much longer. Like a phrase: Purpletractorsarethebest. This is easy to remember, easy to type, but very very hard for bad guys to guess through brute force. Sadly that password would never be allowed by the new forum rules even though it's much stronger than the one I ultimately had to use.
 

·
Registered
Joined
·
442 Posts
This site is sooooo slowwww these days. Its deja vous dialup days.... Maybe this was the last straw.... I'm still waiting for my reset password email.
 

·
Registered
Joined
·
155 Posts
Little excessive on the complaining, guys, don't you think? Are crops looking too good, prices too high, gotta find something to bitch about? Yes it was an inconvenience, but it wasn't the end of the world! Life will go on, with or without combine forum.
 

·
Premium Member
Joined
·
8,228 Posts
Little excessive on the complaining, guys, don't you think? Are crops looking too good, prices too high, gotta find something to bitch about? Yes it was an inconvenience, but it wasn't the end of the world! Life will go on, with or without combine forum.
Maybe so, but the simple fact is that it doesn't make sense to do a password reset....and then tell people about what is going on. A lot of people rely on this site to have questions answered and communicate with other people. I had thought about going to the farm show in Regina today and getting hold of some guys I know(although this never happened), their contact info was in various PM's which for a day I couldn't access.

People use this site for business, people use this site for answers, people use this site for help and encouragement. Much of this is time sensitive and IMPORTANT! The admin's of this site need to realize that what they do has far-reaching effects. Losing valuable members because of changed emails and such is a very bad deal and un-acceptable IMO.

As for the comments on Don being MIA: I think he deserves a break and I hope he and his family are doing well. We are generally a pretty civil bunch and should be able to manage fine without him for as long as it takes.:wink:
 

·
Registered
Joined
·
155 Posts
I think you're stretching things a bit, SWMan. Suppose you ask a question about crop staging and you don't get a response right away. Do you just sit there staring at your computer, wondering if you should be spraying? Because there can't possibly be anywhere else that you could get the information you need?

Yes it was an inconvenience, an annoyance, a piss-off. Have you never screwed up something that caused an inconvenience for someone else? It sounds like some people want to crucify the administrator. Let's all just relax a bit :14: and get some perspective on life!

And I don't think anyone is actually leaving. They might stay away for a little while, but sooner or later, they'll be back. Combine Forum is like the crack pipe!:)
 

·
Registered
Joined
·
1 Posts
Attention morons in charge:

I can't reset my password because it's associated with a email no longer in use. I have things stored in private messages that I really could use but cannot access them.

I have email you 4 times with no response so I created a new profile in hopes of private messaging you, but apparently your pm's don't work either. Maybe you could post something in this thread so at least we know that you are aware of the situation and are working on a solution.

Furthermore aside from your epically stupid fail, I hope that you at least learned something. Perhaps a bit of communication would have alleviated 95% of the problems associated with this moronic "fix".

Here is a novel thought for you: I do reports for our fire dept. These reports are done online through a secure password protected website. These reports are used by governing officials, insurance companies, and often are used as court documents. Obviously data like this requires a far more secure site than the combine forum. Passwords reset every three months. When logging in with your current password it prompts you to reset your password before you can go any further. Seems simple enough, doesn't it?

Fix this epic fail!

My turtles and I will be back!
 

·
Registered
Joined
·
540 Posts
Unfortunately turning up the complexity requirements for password strength does not actually help anything. Even if I meet all their new requirements, the password still isn't that secure. Even worse, it makes passwords harder to remember so people have to write them on post-it notes. A better way would be to allow simpler passwords but allow (encourage) them to be much longer. Like a phrase: Purpletractorsarethebest. This is easy to remember, easy to type, but very very hard for bad guys to guess through brute force. Sadly that password would never be allowed by the new forum rules even though it's much stronger than the one I ultimately had to use.
You made me think of this cartoon. Pretty relevant to the current situation I think.


The password for this site is now more complex(harder to remember) than the one I use for Amazon or any other login besides the one for my bank.
 

·
Registered
Joined
·
4,091 Posts
You made me think of this cartoon. Pretty relevant to the current situation I think.
xkcd rocks. Being a farmer and a nerd I really like the cartoon about how when we observe the amber waves of grain they become amber particles! :) https://xkcd.com/967/
The password for this site is now more complex(harder to remember) than the one I use for Amazon or any other login besides the one for my bank.
Yup. Unfortunately this insanity is being repeated across the web. You may as well use a password manager program and just generate random gibberish for your passwords, as that's the only secure passwords policies like VerticalScope's allow.

I use a standalone program called KeePass. There are cloud-based services like LastPass that are nice too, provided you trust them. I also write down all my passwords and keep them in a secure place (on my fridge) so that if something eve happened to me my next of kin could at least get to my email account to take care of my affairs.
 

·
Registered
Joined
·
1,225 Posts
Little excessive on the complaining, guys, don't you think? Are crops looking too good, prices too high, gotta find something to bitch about? Yes it was an inconvenience, but it wasn't the end of the world! Life will go on, with or without combine forum.
I don't know I wasted two hours of my life on this that I will never get back
I too think it could of been handled better. Maybe they could of give us a heads up and tell us we have a couple day to change our password if he haven't by then well then do what they did
 

·
Registered
Joined
·
3,113 Posts
My biggest let down is where on earth is the "administration"? Haven't heard a peep, a follow up of what's going on would likely make most or maybe even all of us feel much better
Maybe they are having trouble getting back in!:)
 

·
Registered
Joined
·
1,408 Posts
At my old job the passwords for your personal login had to be changed every couple months, it gave warning when the time to do so got close, and when the time expired you HAD to change it before you could do anything else. This last winter they had a training thingy on the computer about computer security, and after that our passwords had about the same requirements this forum does now. Stupid thing is, the basic "warehouse" login username and password never changed in the 5 years I worked for that place... Guess where all the sensitive stuff was accessed from? (Personal accounts did have remote access ability for the management when they wanted to work from home, for the basic grunts like I was we could do remote access but could only access stuff like news releases or our HR stuff.)


So if passwords expire in a year I wonder if its going to be this fiasco all over again or will they actually do a prompt to change it like they should have in the first place?
 
41 - 60 of 141 Posts
Top