Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.
View this topic in a long page with up to 500 replies per page Create new topic
1 | 2 | 3 | 4 | 5 | 6
4 posts

Wannabe Geek


  Reply # 774733 5-Mar-2013 07:42
Send private message

Did the same thing to me, I put my user name in and hit send and it said it did not recoginize my user name so I put in my email address and it sent the link to my email along with my user name so I went bck to the site and tried my user name again and same thing said it did not recoginize my user name. I went back clicked the link changed my password and everthing worked fine.

14109 posts

Uber Geek
+1 received by user: 2527

Trusted
Subscriber

  Reply # 774734 5-Mar-2013 07:42
Send private message

sqlpro:atleast in this case, if all passwords are reset , how its going to re-authenticate before allowing new password?


You'd have to reauthenticate based on another token, or use the email address to reset passwords.




AWS Certified Solution Architect Professional, Sysop Administrator Associate, and Developer Associate
TOGAF certified enterprise architect
Professional photographer


563 posts

Ultimate Geek
+1 received by user: 89


  Reply # 774735 5-Mar-2013 07:45
Send private message

freitasm:
kenkeniff:
muppet: I'm curious - from a technical point of view, what did you do to the database to reset everyone's password? 

freitasm:
Technically? I was going to update one password but instead typed the command and pressed the EXEC button before finishing up the WHERE clause. That's not very technical...


I think he was asking did you;

a) NULL everyone's password so no-one should be able to log on?
b) Replace everyone's password with an identical HASH, in which case everyone could log on with the same password (if they knew what it was)?
or c) Replace everyone's password with a plain-text string (in which case you're storing plain-text passwords)?


a) NULL password

As for c) if I had stored a plain-text string then no one would be able to login either since the password is hashed and the likelihood of an English word matching a hash is pretty low...




Thanks for the clarification







BDFL - Memuneh
61186 posts

Uber Geek
+1 received by user: 11968

Administrator
Trusted
Geekzone
Lifetime subscriber

  Reply # 774741 5-Mar-2013 08:00
Send private message

Having said that... Looking at this now I should really just had put Geekzone on maintenance mode, restore the database and applied all logs to five minutes before the update.

This would be easier for everyone... Sorry again :)

I have updated the login page to accept either username or email in the reset field, and have changed the text. Also added labels to the reset page as someone here suggested it was hard to see both fields.

So in all some good changes.

And yes, I did get abused by a few people. People who join to enter competitions trying to score some freebies then call you names if you email them. Oh well.





some call me @jevvv
586 posts

Ultimate Geek
+1 received by user: 79

Mod Emeritus
Trusted
Lifetime subscriber

  Reply # 774743 5-Mar-2013 08:03
Send private message

Got the email, then couldn't see the wood for the trees - finally saw the New Password box Embarassed

It's probably not a bad idea for us to redo the password occasionally anyway ;) 




<- don't ask me where I am - I haven't a clue: its a tech thing ;)
Housewife computerer: not particularly great at either. 
And don't take me too seriously. 


955 posts

Ultimate Geek
+1 received by user: 222

Trusted
Subscriber

  Reply # 774744 5-Mar-2013 08:04
Send private message

Not to worry Mauricio, it shows that you are human - like most of us.

Those who never make mistakes are just better at finding someone to blame!




Procrastination eventually pays off.


aim

245 posts

Master Geek
+1 received by user: 9


  Reply # 774750 5-Mar-2013 08:22
Send private message

As a sys admin, I find this amusing :P

2385 posts

Uber Geek
+1 received by user: 286
Inactive user


  Reply # 774752 5-Mar-2013 08:22
Send private message

Just reset mine. No problems at all.
Was about time it needed changing anyway :-)))

150 posts

Master Geek
+1 received by user: 10


  Reply # 774753 5-Mar-2013 08:26
Send private message

Mine seems to still be working, just selected from my bookmarks and I'm in.



BDFL - Memuneh
61186 posts

Uber Geek
+1 received by user: 11968

Administrator
Trusted
Geekzone
Lifetime subscriber

  Reply # 774761 5-Mar-2013 08:37
Send private message

Cloudy: Mine seems to still be working, just selected from my bookmarks and I'm in.


That's because you were on Geekzone before with the option to keep logged in. Your browser has a token that will keep it logged in. We do not store the password on cookies, so if you logout now then you will see your password is reset, like everyone's else.





1948 posts

Uber Geek
+1 received by user: 469
Inactive user


  Reply # 774779 5-Mar-2013 09:06
Send private message

Pffft 70k. I've so got you beat on numbers and customer impact. No dramas though since it is very minor for most folks on here.... My case... Not so much.



BDFL - Memuneh
61186 posts

Uber Geek
+1 received by user: 11968

Administrator
Trusted
Geekzone
Lifetime subscriber

Reply # 774781 5-Mar-2013 09:08
Send private message

plambrechtsen: Pffft 70k. I've so got you beat on numbers and customer impact. No dramas though since it is very minor for most folks on here.... My case... Not so much.


Good try at trolling. I will recommend PeterReader have a word with you to learn the tricks.

The difference is that 70k reset passwords on Geekzone by a mistaken EXEC is different from 70k accounts accessed by spammers on Yahoo!Xtra.

It's not all numbers. As you said, it's the impact...







89 posts

Master Geek
+1 received by user: 19


  Reply # 774798 5-Mar-2013 09:21
Send private message

Aaroona: Lets call it "security awareness day" instead off "oops I flicked the wrong switch!" :p everyone should change their passwords sometime!


x2

Aussie
4232 posts

Uber Geek
+1 received by user: 1203

Trusted
Subscriber

  Reply # 774824 5-Mar-2013 09:51
Send private message

Handy, because I'd forgotten my password anyway!
Cheers, and stuff the competition whiners.

1828 posts

Uber Geek
+1 received by user: 215
Inactive user


  Reply # 774858 5-Mar-2013 10:23
Send private message

Thanks for the email heads up it was probably a good time to change the password anyways been using the same one for far too long

and as my fav saying goes

Sh@t happens sometimes you just get stuck in the middle of it !

1 | 2 | 3 | 4 | 5 | 6
View this topic in a long page with up to 500 replies per page Create new topic

Twitter »

Follow us to receive Twitter updates when new discussions are posted in our forums:



Follow us to receive Twitter updates when news items and blogs are posted in our frontpage:



Follow us to receive Twitter updates when tech item prices are listed in our price comparison site:



Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.



Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.

Alternatively, you can receive a daily email with Geekzone updates.