We'd like to remind Forumites to please avoid political debate on the Forum... Read More »
We're aware that some users are experiencing technical issues which the team are working to resolve. See the Community Noticeboard for more info. Thank you for your patience.
📨 Have you signed up to the Forum's new Email Digest yet? Get a selection of trending threads sent straight to your inbox daily, weekly or monthly!
Password reset questions and feedback
Options
Comments
-
MSE_Andrea wrote: »Hi
Sorry for the lack of notice to the password reset – we should have told you, but we didn’t want to draw attention to the spam creators.
We wanted to clamp down on the amount of spam that gets posted to the forum, and one of the many measures taken was to ask everyone to reset their password, and thus help weed out the bots and disposable accounts.
We’re sorry for the inconvenience caused, but hopefully most managed to easily reset theirs.
If you can’t remember your password you can get a reset link sent to the email you used to register your account.
If you've changed your email address please update it in your user profile settings. If you're having problems updating it e.g., you no longer have access to the email account you registered with please email the Forum Team telling us your original email address.
As an extra measure we’ve also put in place a 90 day time limit for password expiry, and would appreciate your feedback.
Whats the point in giving feedback when you've ignored the feedback in the last thread. You are forcing people to change their password over an insecure connection so passwords and user names are sent in plain text. You're also allowing people to just use the same password.
So ignoring those facts, the fact you're still not using SSL means are suggestions are meaningless as they are just being ignored.
So changing to a 90 day change is just going to annoy everyone, again, because you'll just do it over an insecure connection. So people logging in on free WIFI may well be having their logins stolen. Which the spammers can then use.0 -
Or have newbie new threads subjected to mod approval first - as many newbies will join specifically to ask a question when they have a problem, so I would guess that statistically many newbies first post will be in their own new thread.
That might be ok on a modest sized forum, but on something this big approving pre-moderated new posts and threads would probably be a lot more work than the actual spam problem, and also might well alienate or disorientate new people whose posts didn't appear until 2 or 6 hours later.0 -
Whats the point in giving feedback when you've ignored the feedback in the last thread. You are forcing people to change their password over an insecure connection so passwords and user names are sent in plain text. You're also allowing people to just use the same password.
So ignoring those facts, the fact you're still not using SSL means are suggestions are meaningless as they are just being ignored.
So changing to a 90 day change is just going to annoy everyone, again, because you'll just do it over an insecure connection. So people logging in on free WIFI may well be having their logins stolen. Which the spammers can then use.
Exactly what I feel: but much more articulate.0 -
Can't the forum admin use a vB plugin to regulate sign-ups? I'm admin on a forum myself, we use Xenforo with the Honeypot plugin which is great at stopping spam.0
-
I decided that myself when I tried to navigate out of this forum after posting and saw just how many that there were and realised it would be a near-impossible task to keep on top of.That might be ok on a modest sized forum, but on something this big approving pre-moderated new posts and threads would probably be a lot more work than the actual spam problem[...].0 -
Can't the forum admin use a vB plugin to regulate sign-ups? I'm admin on a forum myself, we use Xenforo with the Honeypot plugin which is great at stopping spam.
Because they are a business its probably seen as "not cost effective". At some point, it wouldn't surprise me if they dump the forum as a "cost saving". Which would be a mistake as I'm sure lots of people come here and read the main site because of the forum. If the forum goes, I suspect they'll get a lot less traffic to the main site.0 -
Working then ! :mad:MSE_Andrea wrote: »We wanted to clamp down on the amount of spam that gets posted to the forum0 -
Given that Letsencrypt offer free SSL certificates and would take all of 2-3 minutes to configure, there is literally zero excuse for not running this site on HTTPS other than incompetence or negligence.
Which is it?
Would you like me to configure it for you?0 -
Can MSE Andrea when looking for the feedback, just answer the questions that everyone is asking?
1. Has the site been hacked?
2. Has data on forum members been compromised in any way?
Or does she just want to answer the posts that suit her?0 -
They have explained why on two threads and closed the threads directing us here without even addressing the every 5 day issue.0
This discussion has been closed.
Confirm your email address to Create Threads and Reply
Categories
- All Categories
- 351K Banking & Borrowing
- 253.1K Reduce Debt & Boost Income
- 453.6K Spending & Discounts
- 244K Work, Benefits & Business
- 598.9K Mortgages, Homes & Bills
- 176.9K Life & Family
- 257.3K Travel & Transport
- 1.5M Hobbies & Leisure
- 16.1K Discuss & Feedback
- 37.6K Read-Only Boards