LinuxQuestions.org
Welcome to the most active Linux Forum on the web.
Go Back   LinuxQuestions.org > Forums > LinuxQuestions.org > LQ Suggestions & Feedback
User Name
Password
LQ Suggestions & Feedback Do you have a suggestion for this site or an idea that will make the site better? This forum is for you.
PLEASE READ THIS FORUM - Information and status updates will also be posted here.

Notices


Reply
  Search this Thread
Old 07-22-2013, 04:42 PM   #1
minrich
Member
 
Registered: Aug 2003
Location: Isles of Man & Wight
Distribution: See signature
Posts: 548

Rep: Reputation: 40
Ubuntuforums.org password breach (question for Jeremy)


Color me stupid, lazy, whatever.

But I was using the same passowrd and nym on Ubuntuforums as I use on LQ and/or AQ.

Starting with LQ I successfully changed my password, and it updated my Iceweasel saved passwords - then I jumped to Android Forum (via the Main Menu) and was automatically logged in as usual, but Iceweasel hadn't changed. So I entered my old password and new password (twice) and it updated both on AQ and Iceweasel.

Did I do this right? Or does changing my LQ password automagically change my AQ password?

Jeremy, perhaps you could write a brief sticky how-to whatever on both LQ and AQ home pages - just in case there are others like me who trusted UbuntuForums as I have come to trust LQ.

Now I have to wait on Canonical fixing their forums so that I can change my password there to something unrelated to any other sites!

Thanks in advance.
 
Old 07-22-2013, 06:36 PM   #2
k3lt01
Senior Member
 
Registered: Feb 2011
Location: Australia
Distribution: Debian Wheezy, Jessie, Sid/Experimental, playing with LFS.
Posts: 2,900

Rep: Reputation: 636Reputation: 636Reputation: 636Reputation: 636Reputation: 636Reputation: 636
Quote:
Originally Posted by minrich View Post
Color me stupid, lazy, whatever.

But I was using the same passowrd and nym on Ubuntuforums as I use on LQ and/or AQ.
While the question is very pertinent (I found out U was offline last night) I'm not sure it is smart to advertise to the world that you use the same nick and password on all sites. The people that broke into UF are possibly trawling every forum they can find right now.

Last edited by k3lt01; 07-22-2013 at 06:38 PM.
 
Old 07-22-2013, 07:26 PM   #3
minrich
Member
 
Registered: Aug 2003
Location: Isles of Man & Wight
Distribution: See signature
Posts: 548

Original Poster
Rep: Reputation: 40
@k3lt01 - Don't know if you are a member of AndroidQuestions, but since it opened it has always been possible to log in with LQ credentials, hence the same pwrd on both sites. When I started running Kubuntu , even though Debian based, I found that a lot of the config files changed names (upstart -anyone?) and I needed specific help getting my Broadcom Wireless working - it is very difficult to get a landline to my boat!

Needless to say, and sorry if I misled you, I only used the same pwrd on these three forums, i.e. my Debian pwrd is different.

Perhaps I was too trusting in Canonical's understanding of the security aspects of Forums running on vBulletin. I only posted here after reading the low-down on ars technica.
 
Old 07-22-2013, 08:05 PM   #4
k3lt01
Senior Member
 
Registered: Feb 2011
Location: Australia
Distribution: Debian Wheezy, Jessie, Sid/Experimental, playing with LFS.
Posts: 2,900

Rep: Reputation: 636Reputation: 636Reputation: 636Reputation: 636Reputation: 636Reputation: 636
I do use AndroidQuestions. Been on there for over a year. 2 questions, 1 introduction, and Jeremy is the only person that has replied to me in that time. I log in using a QuestionsNetwork password.

sputn1k has said s/he won't do anything, s/he is smart enough to deface a site but hasn't got the time to go through 1.8 million usernames and passwords apparently.

Anyway security was the issue on UF with mod/admin privileges having been handed out by the previous owner (Canonical did not start UF and did not own it until a couple of years ago) without keeping track of things. Also the version of VB used was apparently out of date as well. I'm pretty sure Jeremy is much more hands on and keeps a pretty tight lid on the QuestionsNetwork sites.

Having said all that if anyone uses the same password across multiple sites it is good practise, even though it is a huge pita, to change them.
 
Old 07-23-2013, 04:08 PM   #5
jeremy
root
 
Registered: Jun 2000
Distribution: Debian, Red Hat, Slackware, Fedora, Ubuntu
Posts: 12,462

Rep: Reputation: 3340Reputation: 3340Reputation: 3340Reputation: 3340Reputation: 3340Reputation: 3340Reputation: 3340Reputation: 3340Reputation: 3340Reputation: 3340Reputation: 3340
Quote:
Originally Posted by minrich View Post

Did I do this right? Or does changing my LQ password automagically change my AQ password?
Changing your password on any TQN site updates it across the entire network.

--jeremy
 
1 members found this post helpful.
Old 07-23-2013, 05:22 PM   #6
minrich
Member
 
Registered: Aug 2003
Location: Isles of Man & Wight
Distribution: See signature
Posts: 548

Original Poster
Rep: Reputation: 40
Thanks for the confirmation, I must now owe you a Guinness next time you're in Blighty.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
ubuntuforums.org compromised odiseo77 General 1 07-21-2013 06:04 PM
Security Breach at kernel.org GazL Linux - Security 47 10-14-2011 12:49 PM
what'sis wrong with ubuntuforums.org reedf General 5 01-08-2009 07:43 AM
Problem Accessing Ubuntuforums.org Since Update popkid Ubuntu 5 07-08-2006 04:55 PM
freebsdforum.org or bsdforum.org are they 'jeremy' forum websites? t3gah LQ Suggestions & Feedback 1 06-12-2005 11:06 PM

LinuxQuestions.org > Forums > LinuxQuestions.org > LQ Suggestions & Feedback

All times are GMT -5. The time now is 10:31 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration