Tweet
Hi guys,
The forum looks to have had a brute force attempt at passwords recently.
Our security measures in place have done their job's correctly and notified users that their accounts have been locked for a brief period of time to prevent any future failed login attempts.
These type of attacks are known as brute-force hacks due to their nature, whereby the person/devices attempting to gain access to accounts will use a pre-defined list of passwords and will attempt to run every one of them against a username in the hope that one of them will eventually work.
The purpose of doing this is so that they may then use pre-registered accounts to post ad's, spam or simply gain users information which can then be re-sold to help fund other ventures.
If you've received one of these emails, this isn't cause for concern as your account will have already been temporarily locked and the bot/person carrying out this attempt typically moves on after this has happened.
If you're concerned that your account may be vulnerable, I would suggest that you look at updating your password to something secure. A good set of rules to follow on a "secure" password follows:
- Whenever possible, use eight characters or more.
- Don't use the same password for everything. Cybercriminals steal passwords on websites with very little security, and then they try to use that same password and user name in more secure environments, such as banking websites.
- Change your passwords often. Set an automatic reminder for yourself to change your passwords on your email, banking, and credit card websites about every three months.
- The greater the variety of characters in your password, the better. However, password hacking software automatically checks for common letter-to-symbol conversions, such as changing "and" to "&" or "to" to "2."
- Use the entire keyboard, not just the letters and characters you use or see most often.
Cheers,
Liam
The forum looks to have had a brute force attempt at passwords recently.
Our security measures in place have done their job's correctly and notified users that their accounts have been locked for a brief period of time to prevent any future failed login attempts.
These type of attacks are known as brute-force hacks due to their nature, whereby the person/devices attempting to gain access to accounts will use a pre-defined list of passwords and will attempt to run every one of them against a username in the hope that one of them will eventually work.
The purpose of doing this is so that they may then use pre-registered accounts to post ad's, spam or simply gain users information which can then be re-sold to help fund other ventures.
If you've received one of these emails, this isn't cause for concern as your account will have already been temporarily locked and the bot/person carrying out this attempt typically moves on after this has happened.
If you're concerned that your account may be vulnerable, I would suggest that you look at updating your password to something secure. A good set of rules to follow on a "secure" password follows:
- Whenever possible, use eight characters or more.
- Don't use the same password for everything. Cybercriminals steal passwords on websites with very little security, and then they try to use that same password and user name in more secure environments, such as banking websites.
- Change your passwords often. Set an automatic reminder for yourself to change your passwords on your email, banking, and credit card websites about every three months.
- The greater the variety of characters in your password, the better. However, password hacking software automatically checks for common letter-to-symbol conversions, such as changing "and" to "&" or "to" to "2."
- Use the entire keyboard, not just the letters and characters you use or see most often.
Cheers,
Liam
Comment