Announcement

Collapse
No announcement yet.

Last 5 Logins

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

    Last 5 Logins

    Some of the IP addresses listed as my login log are not my IP addresses. i haven't shared my password or screen name with anyone, and haven't been that far out out of the city this week.

    i changed my password but what good will it do if the site does not go through HTTPS server?

    what do i do? any ideas?
    Last edited by Yuriyology; 27 January 2013, 06:04 AM.

    #2
    Changing password is always a good idea. Do pick a hard to guess password, with lots of difficult characters. Then use a password manager to store it in. Not using https only is a problem if somebody is listening in on your connection. If that's the case you have bigger problems then an AW login

    If the problem re-occurs, contact support via the feedback form.

    Comment


      #3
      and they are still trying to hack my account from turkey yet ,but no success password is working well +++++++++++

      Comment


        #4
        they are trying mine from 3 different IP adresses, no sucess yet

        Comment


          #5
          Hi Yuri, all looks well from here; good on you for being vigilant and paying attention to IP address login history, though. There's been no spikes in bandwidth, and no 'spooky' logins or multiple failed attempts. That said, as the folks here have said, it is good practice to change your passwords. You can do that via our biller, GMBill's account lookup. If you have any trouble feel free to submit a support ticket and I can go i9nto more specific, step-by-step detail.

          Comment


            #6
            It would seem that someone is trying to hack my account from Gijon and Istanbul-two places I have never visited,nor plan to.I'll probably change my password, but is it possible to find out what they tried to use as a password?I've always considered my password pretty good ,but if they really nowhere near close to being right, is it perhaps a great risk not to change?

            Comment


              #7
              philchen, use a random password generator, 10 or more charachters, include some special (not az09) as well. Make sure you change both forum and site password, to different passwords. I have both forum and site to 'remember me', looking up a password once a year to login works fine

              Comment


                #8
                With that laissez faire business practice, I think even a password change is useless. If they want to, they will get to.

                the internet needs a better cryptography system.

                Comment


                  #9
                  Not really, the people in that article where handed encrypted passwords. You first have to get that list. Without it you have to guess the entire password, and most system allow only 5 login attempts before blocking you art least temporarily.

                  The article does proof you need different passwords for different sites (and for forum vs site in AW's case). If an md5 hashed password list gets out, yeah that's a problem, but we knew that years ago

                  There are better systems, but having everybody buy personal ssl certs to login to a forum or shop wouldn't go over well with most people I think.

                  Comment


                    #10
                    thanks for clarifying.

                    Comment


                      #11
                      For those who are wondering what kind of cryptography system might be out there or some kind of setup that could really ensure virtually no one else but the registered member has access to a site or page, Bloomberg utilises a login system so secure it requires each of its subscribers to carry and use a special card that identifies the subscriber, through the the screen by way of the card, at each time of login. The card is sort of the subscriber's unique thumbprint and the card won't work if anybody else held the card up to the screen. One subscriber, one card, one Bloomberg account. About a secure of a login procedure as it gets.

                      Comment


                        #12
                        I think this stuff is really fascinating; authentication, cryptography, and so on.

                        That said, in the scheme of security, we're 'average' at abbywinters. All of the sensitive personal data is absolutely separate from your abbywinters.com login, and handled by the much more secure biller. Because of that, the risk posed by a password breach is quite minimal and borne mainly by us. If hackers gain access to a member's abbywinters.com subscription, they get free* porn and no access to sensitive details. Whilst more rigorous systems surely could bring down the incidence of such things, they would also likely infringe greatly upon the usability of the site, especially on less computer-capable members (who themselves also wouldn't notice or appreciate the benefit). All in all we try to aim for a sweet spot between 'locked flyscreen' and 'retinal scan'.

                        *Nothing is free; they get porn that costs us in bandwidth.

                        Comment


                          #13
                          Hi Brent,since I've changed my password they've been certainly been busy trying to hack my account.The only thing that has been noticeable is the amount of downloaded material which is something I've never paid much heed to.I've been on the site longer than my activity on the boards may suggest but 1200+ GB downloads since 2004 does seem a bit too much to me.So long as they can't check into my personal data I'm happy,though I don't like them ''damaging'' AW using me,however inadvertent.I think I shall take the advice and change passwords more often.I do like ''locked flyscreen'' and ''retinal scan'',though-great imagery! Take care,Phil.

                          Comment

                          Subscribe to our e-mail newsletter

                           
                          Sign up for the abby newsletter. Don't worry, we'll NEVER share your email address with anyone.
                          Working...
                          X