Official Freedom forums attacked

Status
Not open for further replies.

Stefan Grant

Moderator
Moderator
Staff Member
Freedom! Member
Sep 2, 2015
239
128
Hi Guys,

This is a quick post to confirm the Freedom forums were attacked in the early hours of this morning. We can confirm this was simply a front page change and due to the rapid response our development team, no account data has been compromised. This means No passwords and No personal information was exposed.

As a general security tip, however, we remind everyone that you should change your passwords every 30 days and now is a good time to be reminded of this if you haven't changed your passwords for a while.

Thanks,
Stefan Grant
 

zeke morgan

Mythic User
Freedom! Member
Dec 8, 2015
3,810
1,638
YouTube
Thanks for the update Stefan :) I'm sure our users will be happy to hear it was only a from page change and no account details were compromised.
 

Jonathan

"You don't know me...but you will"
Freedom! Member
Feb 1, 2016
819
383
26
UK
jonathan.carter.games
YouTube
Every 30 days would be one hell of a faf to do, especially if you own a lot of online accounts. I personally just have random passwords for everything. Seems to work well so far. Plus having 2 step verification when possible is a good idea.​
 

Stefan Grant

Moderator
Moderator
Staff Member
Freedom! Member
Sep 2, 2015
239
128
Every 30 days would be one hell of a faf to do, especially if you own a lot of online accounts. I personally just have random passwords for everything. Seems to work well so far. Plus having 2 step verification when possible is a good idea.​
2 step is also a really good solution. And yes passwords can be a pain there is good software out there to generate random password hashes and keep them secure for you to which is another great option :) I know @Anthony Smith was using one.
 

LW

Community Manager
Administrator
Moderator
Freedom! Member
Apr 2, 2016
3,045
1,251
21
Vienna, Austria
twitter.com
YouTube
lw_001
Another general rule I quickly want to mention (which is what saved me from the password logger) is to NEVER. NEVER ever enter your password on a site that isn't fully secure. The connections to the forums usually are protected and authorized with the certificates.

Heads up: Don't ever enter a password on a page that doesn't have a green icon saying it's secure in the address bar. Especially if the site usually has it.
 

Jonathan

"You don't know me...but you will"
Freedom! Member
Feb 1, 2016
819
383
26
UK
jonathan.carter.games
YouTube
2 step is also a really good solution. And yes passwords can be a pain there is good software out there to generate random password hashes and keep them secure for you to which is another great option :) I know @Anthony Smith was using one.

Well each password is random from my head, yea those can be safer in some ways but the chances of people guessing a 12 to sometimes 100 character password of with random numbers in the words and symbols is slim. I like it that way. It works well for me.
Another general rule I quickly want to mention (which is what saved me from the password logger) is to NEVER. NEVER ever enter your password on a site that isn't fully secure. The connections to the forums usually are protected and authorized with the certificates.

Heads up: Don't ever enter a password on a page that doesn't have a green icon saying it's secure in the address bar. Especially if the site usually has it.

Well yea, you do have to take the risk on some sites that are not secure such as this one :). but then having a different password on every account you own will mean it does like no harm as its useless to them on any other accounts.​
 

LW

Community Manager
Administrator
Moderator
Freedom! Member
Apr 2, 2016
3,045
1,251
21
Vienna, Austria
twitter.com
YouTube
lw_001
Well yea, you do have to take the risk on some sites that are not secure such as this one :). but then having a different password on every account you own will mean it does like no harm as its useless to them on any other accounts.
My password method is I have safe passwords on sites I care about and use the same password on sites I use throwaway accounts on to remember it.
 
Status
Not open for further replies.