URGENT! LL security exploit

now i'm locked out of my own account, thanks ll

WAY TO FUCKING GO LINDEN LABS!

I purposefully do not give out my personal information in SL , now I find out they have been hacked and information like my ADDRESS is out there UNENCRYPTED!! In my country (Canada) we have strict laws protecting personal information kept electronically (PIPEDA), I will be contacting my lawyer regarding this although I doubt if there is a way to persure an American company.

I am seriously FUCKIN PISSED OFF about this, and to add insult to it, I change my password on the website AND I STILL CAN'T GET IN!

(I'm sure its just a delay since everyone is probably doing the same as me, but it sure doesn't help my mood right now).

Maybe if you gave direction to the people working there and TOLD them to do stuff, LIKE patch your servers or actively look for exploits, this would never have happened.

Well... Anybody know how to verify the password of several accounts which used a false email address? >.>

yeah, I agree. wtf, they stored the passwords in unencrypted form?

Wait, how do you change your security question and answer?

You can change them... can't you?

well now I'm pissed,

I cant get in with my primary accout or any of my alts and I still havent recived the email.
if i get debited this month for my $9.95 i'll screem.

This may be the last straw for me.

Oh great. I get the email back and it sends me to a page that says..

" Security Question
Please contact Linden Lab customer support, we do not have a security question on file for your account."

so now I'm waiting for email, when I was happily in the middle of a build before I logged :/.

I will say this is one instance I am very happy about the Linden Blog. I don't visit here often enough to be up on all the news. However, the forum I run has direct Linden Blog RSS Feeds so a topic was created as soon as Linden Posted it. Worked well and allowed some of our members to hear about it quicker than they would have without the Blog.

Nah,

The passwords are hashed and salted - so a dictionary attack is just about impossible (read: extremely impractical, but not mathematically impossible.)

I think LL is doing this just as a precaution, which is probably the right thing to do, even given that they are still likely secure.

I noticed that too. I was gonna be clever and use one from http://www.grc.com/password (meant for networks and wifi keys). It allowed me to SET that, but...

What I would really love to know is how can you reset your password if you dont remember your security hint.

You'll have to give them a call.
This is gonna be a bad, bad day for thier support lines.

I get the feeling we're going to lose quite a few residents to this.

Way to go Linden Lab... it's posted as the login message of the day.

How are you going to read that message if you can't actually log in?

Lewis

what a great day to close the forums, how ironic

Yours is still good, Josh.

I can't remember my security answer and i cant call LL this sucks

L33t H4X W0rld, Pwnt Im4g1ntn

Goodbye alts.

I love you.

i just gave them a call and got a nice recorded message saying you cant change your password over the phone FUCK!

to be honest my password was originally

cutoruncut ?

but now I have to think up something else.

Flawless logic LL, I <3 LL

The feeling I had about losing residents? Just bumped up to a certainty.

lewis, this honestly made me laugh out loud thank you

now THATS comedy man. ROFLMAO