| Mors |
Important Security Update
Nov 21 2020, 9:47 PM
|
|
 |
A while ago we have discovered a security hole in our main site software. The hole is now patched, We don't know if this happened for sure, and the passwords were hashed, so it's not as bad as it sounds. But regardless, just to be safe, I went ahead and made it so that every user has to change their passwords to keep using the site. It might be a bit annoying to be forced to change your password, but I believe this is for the best. As a precaution, I've also upped the security of the backend. Let's just say that if anything like this happens again in the future, the impact will be much much lower. I know this is a bit of an oversimplification but I don't wanna get too much into detail. EDIT: More information came to light and we now believe that no database leak actually took place. We, however, will still force users to reset their passwords, as that is a required step of the security improvement we have made. |
|
| View Comments (10) | Leave Comment | ||
| Comments |
 |
Recent Nov 22 2020, 12:33 AM |
|
|
cool now finish flashback <:)
|
||
| 1 like from: VinnyVideo | ||
|
|
Recent Nov 22 2020, 12:33 AM |
|
|
and midas machine too
|
||
|
|
Mors Nov 22 2020, 1:35 AM |
|
|
no........
|
||
 |
Klug Nov 22 2020, 5:45 AM |
|
|
So, this only applies to the main site and not the forums?
|
||
 |
redstone02 Nov 22 2020, 8:51 AM |
|
|
Quote (Klug on Nov 22 2020, 5:45 AM) So, this only applies to the main site and not the forums? since the DB of the main site and the forum are different, so one does not impact the other |
||
|
|
Mors Nov 22 2020, 4:32 PM |
|
|
Quote (redstone02 on Nov 22 2020, 8:51 AM) since the DB of the main site and the forum are different, so one does not impact the other Yup, both the forums and the main site don't share databases, nor code. They are completely separate from each other. We plan to integrate both in the future, but for now they will stay separate. |
||
 |
5teven Nov 25 2020, 9:53 AM |
|
|
Small "Security" Notice when you enter the same password you had before it will tell you "you can't use the same password you already used" how it should, however instead of forcing you to enter a new password again it will still log you in normally (thus going around the "new-password" force), might want to fix that for the next time. EDIT: It does ask you to change it when visiting the games/hacks/sprites etc. sections though, commenting etc. works fine though |
||
|
|
Bisky Nov 26 2020, 9:11 PM |
|
|
step 1: make new password step 2: change back to original password step 3: ??? step 4: profit |
||
| 1 like from: OssieTheOstrich | ||
 |
OssieTheOstrich Nov 27 2020, 6:15 AM |
|
|
Well this was kind of unexpected.
|
||
|
|
GlitchKid_YT Dec 1 2020, 2:03 AM |
|
|
Thanks for telling us when I wanted to add something to favourites it said I had to have an account, wich was weird since I have one obviously, so when I clicked my account it said I had to change my password and I tough it was a BUG or something like that
|
||