Password reset questions and feedback

Pollycat

Chickabiddybex wrote: »

As a board guide, we speak to the forum team frequently about spam, so I thought I'd give you guys as much of an update as I could. I'm just trying to be helpful. If that's peed you off... I dunno why.

Honestly it's really disheartening when you stay up late getting rid of the spam as soon as it pops up (or as soon as I see it) to prevent as much disruption as possible, and then get this in return.

But this isn't about spam.

It's about a forced password change that appears to have resulted in some long-standing members losing their accounts totally. (Not me as I remember my password)
And then apparently, another forced password change 5 days later.
And - imho - more importantly, those forced password changes are over a non-secure connection.

FWIW, I always zap spam when I see it too.

Finally, I feel your post about 'no hack' has been helpful, so thanks for that.
But it really should have come from MSE and much earlier.

ScorpiondeRooftrouser

Chickabiddybex wrote: »

As a board guide, we speak to the forum team frequently about spam, so I thought I'd give you guys as much of an update as I could. I'm just trying to be helpful. If that's peed you off... I dunno why.

Honestly it's really disheartening when you stay up late getting rid of the spam as soon as it pops up (or as soon as I see it) to prevent as much disruption as possible, and then get this in return.

I'll tell you why, then. What you did was entirely miss the point. They have been asked for five days to officially state whether the site has been hacked. Despite posting numerous times in those five days, they have never done this. You saying "Ooh, they are all busy" is an insult to people's intelligence....they have not been asleep for five days, and they have found time in those five days to post a lot of things that were not nearly as important. They are deliberately ignoring the question and not providing a response.

ScorpiondeRooftrouser

Pollycat wrote: »

But this isn't about spam.

It's about a forced password change that appears to have resulted in some long-standing members losing their accounts totally. (Not me as I remember my password)
And then apparently, another forced password change 5 days later.
And - imho - more importantly, those forced password changes are over a non-secure connection.

FWIW, I always zap spam when I see it too.

Finally, I feel your post about 'no hack' has been helpful, so thanks for that.
But it really should have come from MSE and much earlier.

She doesn't know there's been no hack! She hasn't been given that information. She clearly said on being questioned that "no hack" was not an official or an authorised response.

ScorpiondeRooftrouser

If anyone is wondering why it matters, it matters because I can absolutely guarantee there are people on here using the same user name and password combination here as they do on their bank account. They shouldn't be, but there will be. If MSE's security has been compromised and someone has got hold of this information, they need to be warning people so they can go and change their passwords in places where it actually matters; not faffing around with this forum.

[Deleted User]

Pollycat wrote: »

I feel your post about 'no hack' has been helpful,

It's only "helpful" if it's definitely true.

Personally I find it suspicious that this question and numerous others about the second password reset after five days have been roundly ignored by the actual forum team.

I respect Chickabiddybex's attempt to reassure us all that there has apparently been no hack, but I'd prefer such assurances to come from an official source.

System

If anyone is wondering why it matters, it matters because I can absolutely guarantee there are people on here using the same user name and password combination here as they do on their bank account.

More fool them.

ScorpiondeRooftrouser

MilliesMum wrote: »

More fool them.

There's always one.

ScorpiondeRooftrouser

12:30pm. I presume they are all still asleep, eh.

JReacher1

Moneyineptitude wrote: »

It's only "helpful" if it's definitely true.

Personally I find it suspicious that this question and numerous others about the second password reset after five days have been roundly ignored by the actual forum team.

I respect Chickabiddybex's attempt to reassure us all that there has apparently been no hack, but I'd prefer such assurances to come from an official source.

I don't believe that if there had been a forum hack that this would have been briefed to the volunteer board guides.

Therefore although I respect Chickabiddybex a lot I find it unlikely that they would have been informed of any potential security breach.

I do however suspect as opposed to any data hack it is just a bit of incompetence on the behalf of the MSE IT team who accidentally did the reset twice.

ScorpiondeRooftrouser

JReacher1 wrote: »

I don't believe that if there had been a forum hack that this would have been briefed to the volunteer board guides.

Therefore although I respect Chickabiddybex a lot I find it unlikely that they would have been informed of any potential security breach.

I do however suspect as opposed to any data hack it is just a bit of incompetence on the behalf of the MSE IT team who accidentally did the reset twice.

That's what I would think if they hadn't avoided answering the question for six days. Every day that goes by without an answer makes me more and more of the opinion that there has been a security breach.