Discussion in 'Dancers Anonymous' started by DanceMentor, Aug 22, 2012.
Tapatalk hasn't been able to log into the forum lately for me.
To protect users' passwords, data in transit, overwritten texts, and for variety of other reasons.
In our times, it is very irresponsible to take in users' passwords without some protection of the password in transit. I am sure that some DFers use the same password elsewhere - the one that can be captured during logging into danceforums and exploited on some other web site. The victim would not know how his account was hacked.
It was a strange side effect. I did not ask for the change, but the developer that did the upgrade somehow did it. I agree it is more readable, so maybe going to let it roll for now. Other than not being artistically amazing, the main thing is we have a happy community that can read and communicate with each other. Blue so often is thought to be the color of communication.
Noted. If we do some more development and it is easy to do, maybe we will include this change in the future. Up to this point, I'm not aware of anyone getting hacked, either here or on their computer as a result of the current system. I personally have a separate password for things like Dance Forums that is quite different to something like banking or even Facebook, and I'm sure most people also do this too.
Using Chrome here. Does anyone else have an issue where you'll scroll down a forum list, pick a topic, read it, then hit the "back" button, and Chrome refreshes the forum list page from the top, then has to shift down again to the previous position?
Yep, but it does that on other sites too, so I don't think it's a dance forums specific thing.
When I click on the auction link at the top of the page, it takes me there but I am no longer logged in, despite having checked "stay logged in" when I first logged in. I haven't had the unintentional logout problem in other areas recently, so I thought I should mention it.
I am not entirely certain it is a DF issue. I am unable to access another forum I haunt via tapatalk...
Good choice made!
Several forums (not dance-related) running vBulletin software were hacked recently. Some forums were very large and for technically advanced users.
The way of hacking is not known for sure, but possibly a vulnerability in vBulletin's software was exploited.
Stolen were users' data, including password hashes. It is possible, especially for simple passwords, to find out the passwords using the hashes.
DanceForums uses XenForo's software, which can roughly be decsribed as forked version of vBulletin. They have common roots. It is unknown how reliable XenForo's software is compared to vBulletin's.
DF transmits users' names and passwords in open. This means that the data is available to anybody with the technical means. But if a hack occurs, the user data will be stolen en masse, which is more interesting to hackers.
Here is my advice to users of DF to minimize the potential damage.
* DON'T USE YOUR DF'S PASSWORD ANYWHERE ELSE! This is what the hackers are after. Consider the password public knowledge.
* Use complex passwords. Beginning certain level (at least eight characters, no dictionary words, even misspelled ones), passwords become difficult to guess using stolen hashes of them.
* Assume that all reading and writing on DF is done over an open, public channel.
* Even though you may not have given your name, by combining pieces of information, it is possible to figure it out, with high degree of certainty.
* Don't give your main email to DF. In case of a hack, it will be likely sold (for a very small price), spammed and abused in other ways.
Well, one may not complain... Forum by definition is a public space where open discussion occurs, isn't it?
Separate names with a comma.