Jeep Enthusiast Forums banner

Attention - Upcoming Password Update

7K views 36 replies 18 participants last post by  Admin 
#1 · (Edited)
Hello Everyone,

Per the latest announcements we will be resetting everyone's passwords. Shortly you should be receiving an email directing you how to change your password. It will look like this:

Subject: Your new password for *site name*
Dear *username*,

Your password has been reset by an administrator. Your new details are as follows:

Username: *username*

Password: *Randomly generated temp password*

To change your password, please visit this page: *link to password reset edit page from USERCP*

If you suspect this email is a scam, you can confirm the legitimacy of this email by manually navigate to the forum URL yourself and use your new password to log in.

All the best,

Site Name
As you can see it will give you a randomly generated temporary password, as well as telling you where you need to go to updated it accordingly.

If you do not receive this email please go to the contact us page and select Other, and type in Security Password Update Issues

We're sorry for the inconvenience.

The Community Support Team
 
#3 ·
Hello Everyone,

We wanted to give you an update on the reset password emails that went out yesterday. Due to the high volume of emails going out and some service providers blocking them as spam, users have either been getting them late, or not at all. If you have not received your password reset email please use the password reset function "forgot password". These emails will go through a paid provider and should show up instantly.
To do so just go to log in >> once it redirects you click forgot password >> follow the steps provided.
If you do not remember the email address associated with your account you can use the contact us tab at the bottom of the page to email us for assistance. Please select the "other" option and add subject "security password issues"

We apologize for any disruption this has caused to your forum experience.
 
#5 ·
Per the latest announcements we will be resetting everyone's passwords.
I must be behind the 8-ball, because I missed the announcement. Where can we go to see the announcement and any others in the future? In this particular case I'm specifically interested in learning what precipitated such an extreme move. Was JF or its parent company hacked? Or something else?
 
#7 ·
Deacon, a LARGE number of forum/websites were hacked, most of which are owned by the same parent companies.

See the article link below.

Visitors to many popular car, sports and tech websites including VWVortex, The Truth About Cars, Pirate 4x4, Focus Fanatics, EvoXForums, and AutoGuide should change their passwords ASAP, reports ZDNet. 45 million accounts hosted on VerticalScope's 1,100 sites have been compromised by hackers.
http://jalopnik.com/45-million-accounts-hacked-at-some-of-the-biggest-car-f-1782030203
 
  • Like
Reactions: Deacon
#6 ·
I FINALLY got to reset my password.... Now my new issue is, anytime I click a topic, as I did to come to this topic after logging in, I have to RE-log in to reply......
 
#8 ·
The requirement of 10 characters I don't mind, but they're really sticking it to their users when requiring one of ALL of the various characters (upper, lower, numerals, specials). And they don't say how long the passwords can be, the limit, only the minimum. Ugh.

I strongly recommend everyone consider using something like mSecure or LastPass to securely keep track of passwords and generate new complex ones for each different site.
 
#10 ·
They should require that you reset your password on first login so that it's only a temporary password. Or really, the proper way to do it is a one-time URL that validates your email and prompts you to choose a new password.

But it's a Jeep forum, not your bank info. If your email is hacked you have bigger things to worry about than your login on JF probably ;)
 
#11 ·
This is a huge PITA! I had to create a whole new account because I never got the email,couldn't use the email address I originally used to sign up on here, was never redirected to the "forgot password" screen. I've tried the various steps that have been put out to reset my password...nada. I would rather just be able to use my old account than have to redo everything...ugh.
 
#13 ·
was never redirected to the "forgot password" screen.
Try here: http://www.jeepforum.com/forum/login.php?do=lostpw

I would rather just be able to use my old account than have to redo everything...ugh.
yeah, it was not handled well at all. They could've and should've simply required you to change your password on next login if they were that worried about it. Or maybe don't ignore their responsibility to keep their software updated, use HTTPS, and protect their customers' info.
 
#16 ·
I ended up deleting my Cache files (Mac) and going into the System Preferences (Safari) and deleting ALL duplicate password keys for JF in the "PASSWORDS" tab.
After restart, I logged in to this JF site and entered my user name and NEW password. (clicked the "Remember Me" box) - It seems to be doing fine now.
 
#21 ·
Trying to reregister and now it's saying e-mail is already in use. If I put in another e-mail address, can I change it back to my old one once I'm back in?
 
G
#25 ·
I never got any email to reset, and when I go to the reset password page, it is telling me that my email is not recognized... which as you know... or dont know..., does not allow me to go any further down the support chain... I have a feeling after reading some of this, that I'll be out for a while... or have to start a new profile.

Got to ask... As a tech company, you never contingency plan for things? Just winging it? Sitting back and collecting ad rev? Also your use of ads on the "prove you are a human" thing is maddeningly annoying.
 
#27 ·
Wait... I just logged in today and now see a message that passwords will be reset (again?!) between 21 and 23rd?! I JUST got a password that is long as **** that matches all the now requirements... and i have to do it again?!
 
#30 ·
I like that in the notice they finally posted publicly at http://www.verticalscope.com/about-us/notice-of-data-breach.html they seem to put the onus on users, implementing extreme and draconian new password policies even banks and PayPal and such don't have. They make it sound like it was their users that caused the problem. And they make no mention of actually updating their often outdated (and thus vulnerable) forum software for their thousand+ sites or their infrastructure design behind it or any other strategy to stop hacks in the first place, only increasing detection once hacks have already taken place and maybe trying to keep hacked data encrypted better. It's very frustrating.
 
#31 ·
so I cant get into my old account because I dont even know what email I used 8 years ago when I started here.. I sent a question to someone on here but have not gotten an answer back as of yet on what to do...have I lost my old account and are forced to use this one because of the breach or is there another way to get to my old account?
 
#32 ·
I switched the email addresses between your two accounts so your old account now has the new email, and then I sent you a password reset notification that should allow you to regain access.
Let me know how it goes and sorry about all the confusion.
 
#33 ·
Well, after two weeks or so fighting with this I was finally able to get my password reset. I've never had any issues with 67-72chevytrucks.com or RCGroups.com, or any other forum. Oh well, I guess that it's a small price to pay when a website gets upgraded and hacked. :wink2:
 
#37 ·
Nothing to do with the upgrade, and dont kid yourself, if you have a VB site with the plug in we had on it (which looks like you do) then you are in jeopardy of getting hacked. The upgrade we did to this site is actually safer. A third party plug in is what caused it.

Helena
 
This is an older thread, you may not receive a response, and could be reviving an old thread. Please consider creating a new thread.
Top