Security Breach

A Blog Post for GameBanana

Over the weekend our admins detected some kind of security breach which has affected several thousand accounts. It appears that a small number of IPs had successfully logged into several thousand accounts. Some of these IPs were found to be on IP blacklists. 

We believe that bots were performing brute force login attempts on accounts and eventually gained access to some of them. I don't believe that plain passwords have been compromised as they are encrypted with salts in our member database. 

As a response we have reset these accounts' passwords and implemented several new security measures:

  1. After 5 failed login attempts, you will be blocked from logging in for 60 seconds. An email will also be sent to the account owner and a modlog entry made.
  2. If you log in from an IP that has been blacklisted by dronebl.org, it will be recorded in the modlog.

We have several more security features planned, such as 2-step authentication and irregular location notifications.

Remember to always use strong passwords. If you don't use a password manager, you should! Try keepassx.

Big thanks to mini for detecting the issue.
Sign up to access this!

Embed

Share banner
Image URL
HTML embed code
BB embed code
Markdown embed code

Blogger


tom avatar
tom username pic Joined 17y ago
TBS2 Manager Super Admin
Offline
49,150 points Ranked 81st
58 medals 12 legendary 10 rare
  • Achieved Super Admin clearance Medal icon
  • 10 years a member Medal icon
  • Thanked 500 submitters Medal icon
  • Submitted 200 Blogs Medal icon
  • Submitted 200 Threads Medal icon
  • Submitted 60 Polls Medal icon
Sign up to access this!
Sign up to access this!
Sign up to access this!

Game

Sign up to access this!

Category

Details

Initiative
None

Share

  • Share on Reddit
  • Share on Twitter
  • Share on Facebook
  • Share on Google+
  • 578 Views
  • 11 Posts
  • 1ySubmitted
  • 8moModified

More from Submitter

WiPs by Submitter

More Site News/Updates Blogs

bcp.crwdcntrl.net tracking pixel