It turns out that BBF was hacked by a hacker who may well have access to your login/password information there. This is why they made everyone change their passwords. If you are using the same one here, change your password ASAP. If you are using the same login/password on some other site (like PayPal!), you are at serious risk, go change those passwords, too. This same hacker seems to be trying to hack our site, and has hacked at least one account so far. I think we're secure at this point, aside from him possibly knowing login/password info from BBF that is the same here.
luckily my BBF password was a stupid one that I use no where else. I changed it already, it was "12345678" haha. have fun with that "hacker"
did they really not inform their userbase of this potential problem? if this is correct, and they just had everyone reset their password, this is GROSS NEGLIGENCE on their part. Absolutely disgusting.
If, let's say for example, we're not allowed to post at BBF.com, do they still have our password info? BTW, thanks for the head's up guys. I for one appreciate it.
Yes. You should never use the same password for any sites (forums, credit cards, sites that pay bills, etc etc). Forums are the least of everyone's worries, but you are just putting yourself at risk. -Petey
To be technical about it... I don't know the full extent of how BBF was hacked. Your passwords are stored in the system encrypted; there's no way I can actually look at the DB and see your passwords. There may be hacks to the vB3 software that DO allow passwords to be stored so admins can see them; I don't know if BBF uses such a thing, and I know we don't. However, if a hacker gets the encrypted password, it is possible to turn it back into your real password, given enough time and fast enough computers. I'm giving you the head's up so you can control your own destinies. I'd never hide any information like this and put anyone at risk, nor share your email addresses or other personal info with anyone who shouldn't have it.
Thanks. I have simple passwords for any forums I visit and my financial info are single-use, randomly generated passwords that I memorize.
I'd have to guess the hacker got their information from here. My password was different on bff than here.
Okay, for future reference, any stupid post made under my moniker is the result of a hacker trying to make me look bad.
Nice try, since you say the same things here! Just kidding. You and barfo aren't the only ones allowed to be snarky, we're not on SportsTwo...oh, wait.
I would never guess that password to be honest lol. It would take me a thousand guesses before I'd type that in. I'd probably try birthdates, BenGordon, Avril, BG5Avril, AvrilBG5, and give up after 10-20 guesses (that is if I was really determined) lol. Could it have been spyware or something? I mean how do people steal people's credit card numbers? oh and is that why BG's name is in a different character set, because of the hacker?
thanks for the update. I'd imagine it's mostly people who donated that'd be at serious risk, but even just losing a forum account or something along those lines would suck.
Not that it applies to me, but I'm a little confused by that statement. Do you mean if you used the same log in name (like, Phillip for example) on the site that was hacked, and the same log in for paypal, they could hack your paypal? Don't you have to use an email address to log into paypal? I know I do (I changed my password anyways). So if someone who did have an account on bbf, now has one on here (but changed their name)..wouldn't they be safe?
To answer your several questions. If you use the same username and password on BBF and here, and/or on BBF and PayPal, and/or on BBF and Yahoo Bill Pay (choose any other similar sites), then the hacker could (in theory) have your login/password on them all. I used paypal as an example. Yes, you use an email address, but nothing stops you from using an email address for vb3's username, too. If the hacker sees you post at BBF as "john" and here as "peter" and can tell by your style, the same password makes it easy for him to login here as peter and there as john. BBF is making people change their passwords, or else. It accomplishes a good thing, though it can be confusing (I'm banned! I can't use rep!, etc.) Here, I'm outright telling you exactly what I know, and how you can handle it. BBF isn't telling you to go change your PayPal (or whatever other sites) passwords.
whew thanks for letting me know..i have the same password here, and the same password for my email..so he could've gone into my account and then got in my email...i changed both passwords for here and my email...bbf never asked me to change my password..... edit: nvm i just logged in and it asked me to change mine
