Second Life Forums Archive - change your password !

Lanie Lunasea

Registered User

Join date: 6 Aug 2008

Posts: 15

08-06-2008 19:56

I just received a message from someone saying their password was used to buy $300 worth of Lindens. She is getting a refund and Linden's advice is to change your password daily or every week. I wanted to warn everyone

Raymond Figtree

Gone, avi, gone

Join date: 17 May 2006

Posts: 6,256

08-06-2008 20:08

If you have to change your password once a week, SL is not secure. If SL is not secure, LL better do something about it fast.

_____________________

Read or listen to some Eckhart Tolle. You won't regret it.

Alicia Sautereau

if (!social) hide;

Join date: 20 Feb 2007

Posts: 3,125

08-06-2008 20:17

my password gives cracker software a headache with several months cpu time to break it, changing it a week will give me a headache (and 1000 password recovery attempts a week)

Malina Chuwen

Evotive

Join date: 25 Apr 2008

Posts: 502

08-06-2008 20:25

Agreed.. If your info gets stolen, it's your own fault. Don't log into fake websites and don't give it out.

I've never had an account stolen.

Lanie Lunasea

Registered User

Join date: 6 Aug 2008

Posts: 15

08-06-2008 21:00

I'm surprised she is getting a refund if it was her own fault.

Xerxes Kingstop

supercalifragisomecrap

Join date: 20 Mar 2008

Posts: 416

08-06-2008 22:14

Daily?

ummm.... right.

_____________________

.
.
lucky man
lucky man
very lucky man
.
.___________

Miles Beck

MilesBeck.com

Join date: 20 Mar 2007

Posts: 537

08-06-2008 22:39

If you've changed your password since the most recent Beta Grid update, isn't it a problem to log into it? Or has LL fixed that?

_____________________

BECK'S GREETING CARDS, INVITATIONS & GIFTS

- Inworld: http://slurl.com/secondlife/FairChang%20Balboa/23/72/25/
- Xstreet: http://bit.ly/nH1n9

Deira Llanfair

Deira to rhyme with Myra

Join date: 16 Oct 2006

Posts: 2,315

08-06-2008 22:51

Some time ago there was a problem where passwords were being hacked in cases where the user had checked the "remember password" box on login. This was very quickly fixed at the time, but I hope the problem hasn't come back! Best not use the remember password function just in case.

_____________________

Deira

Must create animations for head-desk and palm-face!.

Lanie Lunasea

Registered User

Join date: 6 Aug 2008

Posts: 15

08-07-2008 12:30

changing my password weekly (not daily) until SL has this problem fixed

Milla Alexandre

Join date: 22 Jan 2007

Posts: 1,759

08-07-2008 12:43

Never had a problem with passwords.....I've never shared my account..never logged into SL from anywhere but my own PC....and never checked 'remember my password'. Actually....I've never had any kind of issues with passowrds or info being stolen. Of course....now that I say this....I'll probably have my identity stolen. LOL

But, it leads me to believe it's not LL's fault......and if a hacker does manage to get account info....well.....unfortunately there's hackers out there who DO get into all kinds of data bases. So....doesn't surprise me. But there again....it's random. If someone other than a hacker gets password info, then I would assume that the user wasn't being careful enough...or shared personal info when they shouldn't have.

Jorus Xi

Registered User

Join date: 27 Dec 2006

Posts: 14

08-07-2008 15:49

From: Deira Llanfair

Some time ago there was a problem where passwords were being hacked in cases where the user had checked the "remember password" box on login. This was very quickly fixed at the time, but I hope the problem hasn't come back! Best not use the remember password function just in case.

That... wasn't the problem at all. LL's servers themselves were compromised and data gleaned right from the SQL.

There is no difference between leaving it hashed with the checkbox clicked and typing it and then sending it.

Miles Beck

MilesBeck.com

Join date: 20 Mar 2007

Posts: 537

08-07-2008 16:05

From: Jorus Xi

That... wasn't the problem at all. LL's servers themselves were compromised and data gleaned right from the SQL.

There is no difference between leaving it hashed with the checkbox clicked and typing it and then sending it.

Jorus, I believe you're referring to a different problem. Deira's correct about the remember-password problem from last fall.

_____________________

BECK'S GREETING CARDS, INVITATIONS & GIFTS

- Inworld: http://slurl.com/secondlife/FairChang%20Balboa/23/72/25/
- Xstreet: http://bit.ly/nH1n9

change your password !
Lanie Lunasea Registered User Join date: 6 Aug 2008 Posts: 15	08-06-2008 19:56 I just received a message from someone saying their password was used to buy $300 worth of Lindens. She is getting a refund and Linden's advice is to change your password daily or every week. I wanted to warn everyone
Raymond Figtree Gone, avi, gone Join date: 17 May 2006 Posts: 6,256	08-06-2008 20:08 If you have to change your password once a week, SL is not secure. If SL is not secure, LL better do something about it fast. _____________________ Read or listen to some Eckhart Tolle. You won't regret it.
Alicia Sautereau if (!social) hide; Join date: 20 Feb 2007 Posts: 3,125	08-06-2008 20:17 my password gives cracker software a headache with several months cpu time to break it, changing it a week will give me a headache (and 1000 password recovery attempts a week)
Malina Chuwen Evotive Join date: 25 Apr 2008 Posts: 502	08-06-2008 20:25 Agreed.. If your info gets stolen, it's your own fault. Don't log into fake websites and don't give it out. I've never had an account stolen.
Lanie Lunasea Registered User Join date: 6 Aug 2008 Posts: 15	08-06-2008 21:00 I'm surprised she is getting a refund if it was her own fault.
Xerxes Kingstop supercalifragisomecrap Join date: 20 Mar 2008 Posts: 416	08-06-2008 22:14 Daily? ummm.... right. _____________________ . . lucky man lucky man very lucky man . .___________
Miles Beck MilesBeck.com Join date: 20 Mar 2007 Posts: 537	08-06-2008 22:39 If you've changed your password since the most recent Beta Grid update, isn't it a problem to log into it? Or has LL fixed that? _____________________ BECK'S GREETING CARDS, INVITATIONS & GIFTS - Inworld: http://slurl.com/secondlife/FairChang%20Balboa/23/72/25/ - Xstreet: http://bit.ly/nH1n9
Deira Llanfair Deira to rhyme with Myra Join date: 16 Oct 2006 Posts: 2,315	08-06-2008 22:51 Some time ago there was a problem where passwords were being hacked in cases where the user had checked the "remember password" box on login. This was very quickly fixed at the time, but I hope the problem hasn't come back! Best not use the remember password function just in case. _____________________ Deira Must create animations for head-desk and palm-face!.
Lanie Lunasea Registered User Join date: 6 Aug 2008 Posts: 15	08-07-2008 12:30 changing my password weekly (not daily) until SL has this problem fixed
Milla Alexandre Milla Alexandre Join date: 22 Jan 2007 Posts: 1,759	08-07-2008 12:43 Never had a problem with passwords.....I've never shared my account..never logged into SL from anywhere but my own PC....and never checked 'remember my password'. Actually....I've never had any kind of issues with passowrds or info being stolen. Of course....now that I say this....I'll probably have my identity stolen. LOL But, it leads me to believe it's not LL's fault......and if a hacker does manage to get account info....well.....unfortunately there's hackers out there who DO get into all kinds of data bases. So....doesn't surprise me. But there again....it's random. If someone other than a hacker gets password info, then I would assume that the user wasn't being careful enough...or shared personal info when they shouldn't have.
Jorus Xi Registered User Join date: 27 Dec 2006 Posts: 14	08-07-2008 15:49 From: Deira Llanfair Some time ago there was a problem where passwords were being hacked in cases where the user had checked the "remember password" box on login. This was very quickly fixed at the time, but I hope the problem hasn't come back! Best not use the remember password function just in case. That... wasn't the problem at all. LL's servers themselves were compromised and data gleaned right from the SQL. There is no difference between leaving it hashed with the checkbox clicked and typing it and then sending it.
Miles Beck MilesBeck.com Join date: 20 Mar 2007 Posts: 537	08-07-2008 16:05 From: Jorus Xi That... wasn't the problem at all. LL's servers themselves were compromised and data gleaned right from the SQL. There is no difference between leaving it hashed with the checkbox clicked and typing it and then sending it. Jorus, I believe you're referring to a different problem. Deira's correct about the remember-password problem from last fall. _____________________ BECK'S GREETING CARDS, INVITATIONS & GIFTS - Inworld: http://slurl.com/secondlife/FairChang%20Balboa/23/72/25/ - Xstreet: http://bit.ly/nH1n9

Welcome to the Second Life Forums Archive

change your password !