Your browser isn't supported
It looks like you're using an old web browser. To get the most out of the site and to ensure guides display correctly, we suggest upgrading your browser now. Download the latest:

Welcome to the MSE Forums

We're home to a fantastic community of MoneySavers but anyone can post. Please exercise caution & report spam, illegal, offensive or libellous posts/messages: click "report" or email forumteam@.

Search
  • FIRST POST
    • MSE Andrea
    • By MSE Andrea 9th Feb 18, 3:09 PM
    • 8,928Posts
    • 21,520Thanks
    MSE Andrea
    Password update prompt
    • #1
    • 9th Feb 18, 3:09 PM
    Password update prompt 9th Feb 18 at 3:09 PM
    Hi everyone

    As eagle-eyed regular forum members have noticed already, we're asking you all to update your passwords. You should be doing this regularly for your own peace of mind.

    Some hadn't been updated for some time and we want to make sure you change them regularly.

    Thanks for your patience. Have a great weekend.

    Andrea
    Could you do with a Money Makeover?


    Follow MSE on other Social Media:
    MSE Facebook, MSE Twitter, MSE Deals Facebook, MSE Deals Twitter, Forum Twitter, Instagram, Pinterest
    Join the MSE Forum
    Get the Free MoneySavingExpert Money Tips E-mail
    Report inappropriate posts: click the report button
    Point out a rate/product change
    Flag a news story: news@moneysavingexpert.com
Page 2
    • Prinzessilein
    • By Prinzessilein 9th Feb 18, 5:00 PM
    • 2,175 Posts
    • 10,131 Thanks
    Prinzessilein
    Just had to change mine....about 6 months after my last password change....why????...I could understand if everyone has to change after, say, 5 years....but why EVERYONE today - even if they have changed passwords recently...makes no sense!
    • ctdctd
    • By ctdctd 9th Feb 18, 5:07 PM
    • 865 Posts
    • 680 Thanks
    ctdctd
    4316 days here :-)

    But really - an insecure password change form on a financial site? Are we still in the last decade?
    Do Money Saving sites make you buy more bargains - and spend more money?
    • Stompa
    • By Stompa 9th Feb 18, 5:10 PM
    • 7,654 Posts
    • 3,737 Thanks
    Stompa
    4766 days!
    Stompa
  • jamesd
    1. To see what MSE does when there's a security prolem with the site read this MSE news story from 2009: https://www.moneysavingexpert.com/news/banking/2009/11/all-web-users-urged-to-run-anti-virus-check

    2. Not everyone has (yet) had to change their password, I'm one who hasn't been asked. But see 3...

    3. Back in 2011 I received spam on an email address only ever used for MSE and on investigation it turned out that my account had been accessed from someone else apparently in Belgium or Germany. Since then I've been getting prompted for passwords more often here than for most of my work and any of my financial accounts. I use reasonably secure ones.
    • pineapple
    • By pineapple 9th Feb 18, 6:50 PM
    • 6,024 Posts
    • 28,330 Thanks
    pineapple
    So everyone has to change their passwords all of a sudden, including newbies and it's just because some haven't been changed for a while and it's good to change them regularly anyway.
    Errm yeah right..................
    • Bogof_Babe
    • By Bogof_Babe 9th Feb 18, 6:54 PM
    • 10,075 Posts
    • 16,150 Thanks
    Bogof_Babe
    While changing my password just now I found the system still had an email address that I haven't used for about ten years. I corrected it, only to be told "that email address is already in use, have you forgotten your password?". Err, no...

    Anyway by re-starting the whole palaver I have apparently successfully changed my password, but the system is still showing a defunct email address. Presumably this doesn't matter then?
    I haven't bogged off yet, and I ain't no babe


    • tghe-retford
    • By tghe-retford 9th Feb 18, 6:55 PM
    • 351 Posts
    • 4,111 Thanks
    tghe-retford
    Can you confirm or deny whether this site has been hacked and member's passwords stolen?

    It's unusual to require a password change after 12 years without a good reason.
    Originally posted by keith969
    Any time I have seen a forced password change, it has always been down to a security breach.

    To claim that this move is to improve security and enforce regular password changes (far more frequent that what Government organisations who have access to confidential data use if someone had to change their password after 11 days!) whilst at the same time not implementing and using HTTPS as is becoming the norm for websites to implement, suggests to me that there has been a breach.

    When MSE does implement HTTPS (and they should do so as soon as possible), I would suggest everyone change their password again as a precaution to a strong password not used anywhere else because at this moment in time, the connection is not secure and anyone could intercept data between your browser and the website.
    Last edited by tghe-retford; 09-02-2018 at 6:57 PM.
    • nicechap
    • By nicechap 9th Feb 18, 7:02 PM
    • 955 Posts
    • 2,076 Thanks
    nicechap
    I wonder if its to do with the removal of the spam button for a few days? It was speculated someone had numerous accounts and used them to press the spam button which led the automatic deleting of posts and threads.
    Quote was right and saw into the future.
    • RichardD1970
    • By RichardD1970 9th Feb 18, 7:07 PM
    • 2,799 Posts
    • 4,082 Thanks
    RichardD1970
    Well that was a right pain in the !!!!!

    I have always only used the login with Facebook option.

    Do you think it would accept my Facebook password to allow me to change it. No chance.

    Right faff to sort it.

    The silence from the Forum Team as to why this is necessary is rather worrying.

    IF there has been a security breach, surely we need to know as I'm sure some people will have used the same password for other things (people are by nature lazy where these things are concerned )
    • MSE Andrea
    • By MSE Andrea 9th Feb 18, 7:37 PM
    • 8,928 Posts
    • 21,520 Thanks
    MSE Andrea
    Hi,

    Im sorry for the delay replying.

    This isnt the first time weve sent a prompt out in this or other ways. MSEs priority is to ensure your security so weve prompted everyone to change them.

    We realise it might be frustrating but your security comes first.
    Could you do with a Money Makeover?


    Follow MSE on other Social Media:
    MSE Facebook, MSE Twitter, MSE Deals Facebook, MSE Deals Twitter, Forum Twitter, Instagram, Pinterest
    Join the MSE Forum
    Get the Free MoneySavingExpert Money Tips E-mail
    Report inappropriate posts: click the report button
    Point out a rate/product change
    Flag a news story: news@moneysavingexpert.com
    • Lorian
    • By Lorian 9th Feb 18, 7:37 PM
    • 4,244 Posts
    • 2,381 Thanks
    Lorian
    So have account details been compromised?
    • jaibaby
    • By jaibaby 9th Feb 18, 8:11 PM
    • 3,253 Posts
    • 301,136 Thanks
    jaibaby
    Hi everyone

    As eagle-eyed regular forum members have noticed already, we're asking you all to update your passwords. You should be doing this regularly for your own peace of mind.

    Some hadn't been updated for some time and we want to make sure you change them regularly.

    Thanks for your patience. Have a great weekend.

    Andrea
    Originally posted by MSE Andrea
    No, you forced us.
    2018 wins: 25 / 2018

    Jan: Bingo bundle

    Thanks to all posters
    • Bogof_Babe
    • By Bogof_Babe 9th Feb 18, 8:12 PM
    • 10,075 Posts
    • 16,150 Thanks
    Bogof_Babe
    Hi,

    Im sorry for the delay replying.

    This isnt the first time weve sent a prompt out in this or other ways. MSEs priority is to ensure your security so weve prompted everyone to change them.

    We realise it might be frustrating but your security comes first.
    Originally posted by MSE Andrea
    But as forum posters don't tend to divulge personal information (other than what could be found by other means) on here, what is the danger?
    I haven't bogged off yet, and I ain't no babe


    • Tigsteroonie
    • By Tigsteroonie 9th Feb 18, 8:17 PM
    • 22,671 Posts
    • 56,533 Thanks
    Tigsteroonie
    So many questions, all remaining unanswered by MSE towers.
    Going to become Mrs Marleyboy for real in 2018

    MSE: many of the benefits of a helpful family, without disadvantages like having to compete for the tv remote

    Proud Parents to an Au-some son
    • Wizard of Id
    • By Wizard of Id 9th Feb 18, 8:17 PM
    • 3,022 Posts
    • 11,843 Thanks
    Wizard of Id
    compulsory password change, whatever next?
    Every man is innocent until proven broke.
    Cryin won't help you, prayin won't do you no good.

    Keep Moving in 2018 Challenge - Target 3333 miles
    This week - 78.7
    Total so far - 530.8
    • moonshine
    • By moonshine 9th Feb 18, 8:21 PM
    • 726 Posts
    • 1,361 Thanks
    moonshine
    Hi,

    Im sorry for the delay replying.

    This isnt the first time weve sent a prompt out in this or other ways. MSEs priority is to ensure your security so weve prompted everyone to change them.

    We realise it might be frustrating but your security comes first.
    Originally posted by MSE Andrea
    my goodness you'd make a good politician! You have replied but completely avoided the question you were asked.
    • Bedsit Bob
    • By Bedsit Bob 9th Feb 18, 8:22 PM
    • 9,979 Posts
    • 52,400 Thanks
    Bedsit Bob
    Does it matter? It's only a forum.
    Originally posted by Roland Sausage
    Agreed.

    I don't know about anyone else, but I've put nothing on here, that desperately needs to be kept secret.
    My job is Top Secret. Even I don't know what I'm doing.

    Amount I have so far denied the BBC - 1308

    Who are you to question why your god doesn't want me to believe in him?
    • Twopints
    • By Twopints 9th Feb 18, 8:25 PM
    • 1,461 Posts
    • 2,015 Thanks
    Twopints
    All these people so concerned about security that they haven't changed their password in over 10 years.....

    Not even wrong
    • frankennsteiny
    • By frankennsteiny 9th Feb 18, 8:25 PM
    • 14 Posts
    • 14 Thanks
    frankennsteiny
    Hi,

    Im sorry for the delay replying.

    This isnt the first time weve sent a prompt out in this or other ways. MSEs priority is to ensure your security so weve prompted everyone to change them.

    We realise it might be frustrating but your security comes first.
    Originally posted by MSE Andrea

    But our security isn't coming first when we are being asked to put a new password in over an unsecure connection leaving us open to hackers.

    This is taken from Chrome and is the same for firefox surely a massive site like mse should be a lot more secure.

    Info or Not secure
    The site isn't using a private connection. Someone might be able to see or change the information you send or get through this site.
    You might see a "Login not secure" or "Payment not secure" message. We suggest that you don't enter sensitive details, like passwords or credit cards.
    On some sites, you can visit a more secure version of the page:
    • Select the address bar.
    • Delete http://, and enter https:// instead.
    If that doesn't work, contact the site owner to ask that they secure the site and your data with HTTPS.

    • Bedsit Bob
    • By Bedsit Bob 9th Feb 18, 8:32 PM
    • 9,979 Posts
    • 52,400 Thanks
    Bedsit Bob
    One thing I have noticed. Since changing my password, the "Show first unread" button is missing from the search results list.

    It's making it hard to find where the threads had got to, the last time you visited.
    My job is Top Secret. Even I don't know what I'm doing.

    Amount I have so far denied the BBC - 1308

    Who are you to question why your god doesn't want me to believe in him?
Welcome to our new Forum!

Our aim is to save you money quickly and easily. We hope you like it!

Forum Team Contact us

Live Stats

3,263Posts Today

8,653Users online

Martin's Twitter