Attention - Password and Security Update - Mazda CX3 Forum
User Tag List

 5Likes
  • 1 Post By Playthru
  • 1 Post By greaseman85
  • 3 Post By st3v3cx-3
 
LinkBack Thread Tools Display Modes
post #1 of 10 Old 06-14-2016, 03:02 PM Thread Starter
Administrator
 
CX3Admin's Avatar
 
Join Date: Jan 2013
Posts: 115
Mentioned: 1 Post(s)
Tagged: 0 Thread(s)
Quoted: 15 Post(s)
Garage
Attention - Password and Security Update

Hello all,

Over the next few days we will be implementing some changes to our forum password strength and password expiration policies. To make sure you continue having the best experience possible on the community, we regularly monitor the site and the Internet to keep everyone's account information safe. We've recently become aware of a potential risk to some accounts coming from outside of this community. Just to be safe, we are implementing the following changes to improve security even further:

1) We are asking everyone to change their passwords (and will force a one time reset). Along with every user on the forum, new passwords will need to be more complex, and can't be simple words (sorry, you can't have "fluffy" as your password anymore!). Please use a password unique to this community. Reusing passwords can expose your account indirectly when other websites (Twitter, Linkedin, Badoo, etc) are compromised; and

2) Your passwords will expire on a 365 day basis. When you login on the 366th day, you will have to change it.

We'll also be sending out an email to users to let them know about the changes, in upcoming weeks.

Thanks all,

Helena

Community Management


To view links or images in signatures your post count must be 0 or greater. You currently have 0 posts.
CX3Forum.com - The Biggest Mazda CX-3 Forum!
CX3Admin is offline  
Sponsored Links
Advertisement
 
post #2 of 10 Old 06-17-2016, 05:04 PM
Junior Member
 
Join Date: Jun 2016
Location: San Diego, CA
Posts: 6
Mentioned: 0 Post(s)
Tagged: 0 Thread(s)
Quoted: 1 Post(s)
I am all for high security, when necessary. However I think many users will agree with me that the new password requirements are a little too stringent. My passwords at work (in high security medical records type systems) don't even have to be this complex. I suggest at the very least making the requirement closer to 7 characters. 10 is a lot, especially for an internet forum with no real sensitive information.

2016 Crystal White Pearl AWD CX-3 Touring
flippydoo is offline  
post #3 of 10 Old 06-17-2016, 10:53 PM
Senior Member
 
Playthru's Avatar
 
Join Date: Feb 2016
Location: St.louis county
Posts: 166
Mentioned: 3 Post(s)
Tagged: 0 Thread(s)
Quoted: 41 Post(s)
I could see if there is sensitive material posted here but to have passwords overly complex is overkill.
Playthru is offline  
 
post #4 of 10 Old 06-18-2016, 01:13 AM
Super Moderator
 
anchorman's Avatar
 
Join Date: Jul 2015
Location: Derbyshire UK
Posts: 2,078
Mentioned: 41 Post(s)
Tagged: 0 Thread(s)
Quoted: 483 Post(s)
Garage
I'm not an expert but doesn't having a complex password reduce the chance of them hacking your computer?

Currently CX5 SportNav 2.2 diesel automatic and AWD.
Formerly CX3 SportNav 1.5 diesel automatic and AWD.

All advice is given in good spirit and taken entirely at the readers own risk. WORK SAFELY. ©2018 anchorman

ď.........and another thing"
anchorman is offline  
post #5 of 10 Old 06-18-2016, 02:09 AM
Senior Member
 
Playthru's Avatar
 
Join Date: Feb 2016
Location: St.louis county
Posts: 166
Mentioned: 3 Post(s)
Tagged: 0 Thread(s)
Quoted: 41 Post(s)
Quote:
Originally Posted by anchorman View Post
I'm not an expert but doesn't having a complex password reduce the chance of them hacking your computer?
They can hack the site but it has nothing to with your home computer.If you have personal information on the site like a credit card number or a SS number then that is a different story.
If someone really wanted to hack this site it could be done easily by a hacker.
They could also use your password to put on spam or just post BS.
anchorman likes this.

Last edited by Playthru; 06-18-2016 at 02:11 AM.
Playthru is offline  
post #6 of 10 Old 06-20-2016, 12:50 AM
Senior Member
 
Vipre77's Avatar
 
Join Date: Sep 2015
Location: Milwaukee, WI, USA
Posts: 327
Mentioned: 2 Post(s)
Tagged: 0 Thread(s)
Quoted: 75 Post(s)
Garage
I use my facebook account to login. I haven't the faintest idea what my password is on this site. The user control panel requires that I enter my current password before I'm allowed to change it. Kinda hard to do when I don't know what that password is.

His: 2018 Mazda6 Grand Touring, Machine Grey Metallic
Hers: 2016 CX-5 Sport, FWD, Reflex Blue
Vipre77 is offline  
post #7 of 10 Old 06-20-2016, 02:05 PM
Senior Member
 
greaseman85's Avatar
 
Join Date: Sep 2015
Location: Northern VA
Posts: 893
Mentioned: 3 Post(s)
Tagged: 0 Thread(s)
Quoted: 263 Post(s)
Garage
lol you guys think this requirement is complex? It's nothing really. Anyway, I recommend everyone use a password manager like LastPass, they're good, secure, and help you create new passwords for any website so that you don't reuse the same password over and over again. Also, you only have to remember one master password, and you can set up 2-factor authentication for added security.
WxFisch likes this.

2016 Mazda CX-3 GT in Deep Crystal Blue on Parchment
greaseman85 is offline  
post #8 of 10 Old 06-20-2016, 04:48 PM
Senior Member
 
Join Date: May 2016
Location: South East UK
Posts: 209
Mentioned: 1 Post(s)
Tagged: 0 Thread(s)
Quoted: 42 Post(s)
Quote:
Originally Posted by Vipre77 View Post
I use my facebook account to login. I haven't the faintest idea what my password is on this site. The user control panel requires that I enter my current password before I'm allowed to change it. Kinda hard to do when I don't know what that password is.
If you've forgotten your password, it's probably best to request a password reset. This can be done by going to the following site :-

Mazda CX3 Forum - Lost Password Recovery Form

and entering the information requested. You'll be sent an e-mail to the address you enter, along with a temporary password and a reset password link. Click on that link and then create your new minimum 10 char password following the requirements shown below the password box. Confirm the new password and also enter the temporary one supplied in the e-mail. Hopefully will then be logged on succesfully.

I did find I couldn't then log on again using the new password I'd created but followed the above procedure again and has been fine since.
Cyclone1410, DJ9999 and anchorman like this.

2016 Sport Nav 2.0 Petrol Automatic Arctic White plus options
st3v3cx-3 is offline  
post #9 of 10 Old 07-06-2016, 02:41 PM Thread Starter
Administrator
 
CX3Admin's Avatar
 
Join Date: Jan 2013
Posts: 115
Mentioned: 1 Post(s)
Tagged: 0 Thread(s)
Quoted: 15 Post(s)
Garage
Hey guys,

I apologize for the lack of contact form us.
We are swamped with many sites, though that is no excuse.

I just want to post here to shed a little more light on the situation, at least as much as we can provide at the moment.

A 3rd party plugin that we and other networks use had it's developers' compromised. Their DB was breached and data was scraped. I can't ID the plugin as it's under legal investigation. However I can say that it had access to user data because it functions separately from the vb software. Many plugins do this, chats, news letters, mobile apps etc. This is not an active breach, however as a precaution we did initiate security updates including password changes and new pass requirements.

Their system was compromised and they grabbed user data for us and thousands of others.
We cleared our part of the breach and went this route to further security.
This is also in place as many members on the internet use the same or similar passwords across all things they use.

Hackers who have access to these accounts, may be able to access other platforms where the same email and/or passwords are used.
Other platforms have been compromised as well, including Twitter, Linkedin etc. We are just trying to get ahead of this, and nip it in the bud as soon as possible.

We cannot go into detail at the moment as it is being dealt with on a legal level.

Though this breech happened in Feb, we were not notified until very recently. We worked hard to find a solution for this mess, and acted on it. Though it may not be ideal in some eyes, it is the best we have access to ATM.
Once the storm settles we may look into other methods for our security, but right now we ask that you be patient with us.

As for us not responding to members, you have to understand our community support team watches over many sites. Luckily this week and last, we have had many members from other teams offer help. With that said all emails sent to our Contact Us email will be dealt with. Granted, it may take a little time for us to get to all of them, but please be patient with us as we are working really hard to catch up and help everyone.

If there are any other questions/concerns/feedback, please feel free to post them here.

Thank you for your patience and understanding,

Richard.


To view links or images in signatures your post count must be 0 or greater. You currently have 0 posts.
CX3Forum.com - The Biggest Mazda CX-3 Forum!
CX3Admin is offline  
post #10 of 10 Old 07-06-2016, 03:10 PM
Senior Member
 
Geezer's Avatar
 
Join Date: Nov 2015
Location: Milton, Ontario Canada
Posts: 435
Mentioned: 1 Post(s)
Tagged: 0 Thread(s)
Quoted: 144 Post(s)
It is probably a good idea to get a password manager (I use 1Password for the Mac). When you use it, it will store all the passwords that you use so all you need is one password that will unlock the password manager and you have access to all the different passwords that you use. It will insert the correct password for the different web sites automatically. But you need to make the one password for the manager as complex and hard to break as possible since it is all that stands guard over the other passwords. It is available for both the Mac and iOS systems.

He who works with his hands is a Labourer. He who works with his hands and his head is a Craftsman. He who works with his hands, his head and his heart is an Artist. -St. Francis of Assisi

2016 Mazda CX3 GT Tech pkg. Soul Red.
To view links or images in signatures your post count must be 0 or greater. You currently have 0 posts.
Geezer is offline  
Reply

Thread Tools
Show Printable Version Show Printable Version
Email this Page Email this Page
Display Modes
Linear Mode Linear Mode



Posting Rules  
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On

 
For the best viewing experience please update your browser to Google Chrome