Jump to content
Sign in to follow this  
Followers 0
Venice

"Compromised Password" - Stay safe everyone!

By Venice, in Help and Support

Recommended Posts

Venice    6,933

Venice
Posted

Yesterday Lanaboards went offline for me for a while, and then I woke up to this notification: 

 

IMG-9324.jpg

 

I've never had this happen before! Just sharing as a warning to maybe keep your password more unique for here, especially as this site isn't secure/not encrypted (no HTTPS/SSL protocol so far) EDIT/UPDATE: site is encrypted, but still keep your password unique! :). Stay safe! 

7

Share this post

Link to post
Share on other sites

Rorman Nockwell    56,702

Rorman Nockwell
Posted

Just don't use the password you use on Lanaboreds anywhere else just to be safe, everyone. 

It's when they get your email/password combo and you use it on multiple sites then they can get into your accounts on the other sites, obviously. 

1

ur legit gonna look the same stop buying oil of Olay face cream

Share this post

Link to post
Share on other sites

admin    81

admin
Posted

Hi,  I'm looking into this, and by some quick tests I've just run + through my contact at my host software, LanaBoards itself was not victim to a data leak. 

 

The Passwords application that you posted a screenshot from also identifies when you've used a password for another website, so my best guess is that what that notification was trying to tell you is that the email/password combination you have for LanaBoards has been exploited from another site's data leak where you registered with the same data, so they're advising you to change your password here to avoid your LanaBoards account being compromised. (Plus it sort of reads off that way.)

 

I'll keep you updated, but so far I can't seem to find any evidence that LanaBoards was a victim of a data leak. I've even checked two password applications I use, neither of which has identified LanaBoards itself as a data leak victim x

 

(also, we do have a HTTPS/SSL script installed & running, but because some of the embedded images and site functions are coded in with HTTP rather than HTTPS, the padlock may not show on a page if it is technically "partially insecure" due to the images and tools using HTTP instead of HTTPS, but rest assured that all sensitive information is securely encrypted with our script)

15

Share this post

Link to post
Share on other sites

Venice    6,933

Venice
Posted
9 hours ago, RormanNockwell said:

Just don't use the password you use on Lanaboreds anywhere else just to be safe, everyone. 

It's when they get your email/password combo and you use it on multiple sites then they can get into your accounts on the other sites, obviously. 

 

Yep exactly! That's what I meant with keeping the password unique for this site 

 

9 hours ago, Dominikx4 said:

for everyone concerned, go check on https://haveibeenpwned.com/ w/ your e-mail address! theyll tell you if your data has ever been compromised.

 

it doesnt show up for me, but im not sure whether theyve already updated or if it was only a selected few accounts

 

Nice, thanks for sharing that! And yeah this definitely was not all accounts bc this didn't happen to my friend on here

 

9 hours ago, admin said:

Hi,  I'm looking into this, and by some quick tests I've just run + through my contact at my host software, LanaBoards itself was not victim to a data leak. 

 

The Passwords application that you posted a screenshot from also identifies when you've used a password for another website, so my best guess is that what that notification was trying to tell you is that the email/password combination you have for LanaBoards has been exploited from another site's data leak where you registered with the same data, so they're advising you to change your password here to avoid your LanaBoards account being compromised. (Plus it sort of reads off that way.)

 

I'll keep you updated, but so far I can't seem to find any evidence that LanaBoards was a victim of a data leak. I've even checked two password applications I use, neither of which has identified LanaBoards itself as a data leak victim x

 

(also, we do have a HTTPS/SSL script installed & running, but because some of the embedded images and site functions are coded in with HTTP rather than HTTPS, the padlock may not show on a page if it is technically "partially insecure" due to the images and tools using HTTP instead of HTTPS, but rest assured that all sensitive information is securely encrypted with our script)

 

My email and password for Lanaboards is actually unique to only Lanaboards and nowhere else! Always has been like that, so it can't have been any multiple combination problem :toofunny: 

 

Thanks for looking into this and good to know about the encryption! EDIT: And thank you for all your hard work and dedication into this site ? :heart:

1

Share this post

Link to post
Share on other sites

Lentilus    25,719

Lentilus
Posted
8 hours ago, admin said:

Hi,  I'm looking into this, and by some quick tests I've just run + through my contact at my host software, LanaBoards itself was not victim to a data leak. 

 

The Passwords application that you posted a screenshot from also identifies when you've used a password for another website, so my best guess is that what that notification was trying to tell you is that the email/password combination you have for LanaBoards has been exploited from another site's data leak where you registered with the same data, so they're advising you to change your password here to avoid your LanaBoards account being compromised. (Plus it sort of reads off that way.)

 

I'll keep you updated, but so far I can't seem to find any evidence that LanaBoards was a victim of a data leak. I've even checked two password applications I use, neither of which has identified LanaBoards itself as a data leak victim x

 

(also, we do have a HTTPS/SSL script installed & running, but because some of the embedded images and site functions are coded in with HTTP rather than HTTPS, the padlock may not show on a page if it is technically "partially insecure" due to the images and tools using HTTP instead of HTTPS, but rest assured that all sensitive information is securely encrypted with our script)

thanks Elle! :kiss2:

3

Share this post

Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
Sign in to follow this  
Followers 0
Go To Topic Listing

  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...