[internet tough guy]

(Original post by EierVonSatan)
It looks as though the banner is currently using an image hosted on a restricted site - nothing to worry about just press cancel. I'm sure they'll get around to fixing that

Yeah, I'm seeing an empty space with a small red cross next to the, ''IMPORTANT - Your Password has been compromised. You need to act.'' message at the top. Looks similar to other websites where theres a broken link to an image

[estel]

(Original post by pinkangelgirl)
i have literally just this second created a new password and already ive forgotten it!! what is wrong with me and my memory.

Try using a service such as Lastpass: https://lastpass.com/

It will synchronise your passwords across whatever computers you might use, and allows you to create and save long, random passwords to use for every site. And because it saves them automatically, you need never forget them!

[The Epicurean]

Just seen the email address I used to sign up to TSR The hackers can take that email address if they want because it has absolutely nothing useful. I use different email addresses for unimportant websites

[RyJ]

(Original post by Iqbal007)
"IMPORTANT - Your Password has been compromised. You need to act.
Unfortunately it has come to our attention that TSR has been compromised in a similar way to the recently publicised Linked In attack. At a minimum, username, hashed password and email addresses have been taken. Although the passwords were hashed/salted, they were unfortunately not secured to a level which would prevent them being cracked with modern approaches. You therefore need to act as if your actual password has been compromised.
We therefore recommend that everyone changes their password immediately not only on TSR, but anywhere else they have used the same password.
We will be reviewing our security measures over the coming days and communicating in a range of ways with all members to ensure that everyone receives this message.
We are really sorry for the nuisance that this will cause."


All I got was this to change my password.

But seriously, what would a bunch people want to do with our user accounts.....seriously

They are either very dumb "hackers" or the trolls are back for revenge

I'd say it's more so they can get a hold of peoples' email addresses along with their password for this site, since a lot of people use the same password for multiple things: Facebook, email, Twitter etc...

Edit: Just realised that I pretty much echoed what people were saying earlier in the thread; apologies! I really need to read these things in their entirety before contributing...

[estel]

(Original post by SecondHand)
Here's an article which will explain the vulnerability (or what I imagine the vulnerability was).

http://krebsonsecurity.com/2012/06/h...word-security/

<3 tptacek

But that article doesn't explain the vulnerability here, it discusses the problem with storing passwords in the way that TSR does. The whole article could probably be reduced to "Use bcrypt" anyway.

[OurSeaBee]

So, hackers know my password but I don't? This is an outrageous situation!

[RyJ]

(Original post by zedbrar)
Just seen the email address I used to sign up to TSR The hackers can take that email address if they want because it has absolutely nothing useful. I use different email addresses for unimportant websites

TSR is unimportant??!

[thunder_chunky]

(Original post by I Kant Spall)
Changed my TSR password.
Changed my e-mail password.
Installed noscript.
Ran a virus scan.
Turned off laptop.
Turned off router.
Fled the country.
Renounced citizenship.
Joined a monastery.

Guess I had the last laugh--shows you, hackers.

Yeah I changed my e-mail address as well. I changed it to a random one I set up to give to strangers on omegle use for internet forums and messageboards.

[internet tough guy]

(Original post by zedbrar)
Just seen the email address I used to sign up to TSR The hackers can take that email address if they want because it has absolutely nothing useful. I use different email addresses for unimportant websites

same, this is where my 5exym4chine66666666@hotmail.co.u k comes in for use

[whyumadtho]

Why is there a woman smiling at us? I almost feel trolled.

[Iqbal007]

(Original post by RyJ)
I'd say it's more so they can get a hold of peoples' email addresses along with their password for this site, since a lot of people use the same password for multiple things: Facebook, email, Twitter etc...

I use different passwords and emails..........but even then what would you do apart from spamming

[Iqbal007]

(Original post by estel)
A huge percentage of people use their same account details for their email and forums such as TSR. Given access to someone's email account it's usually quite possible to find most of their other passwords, and quite likely access their Paypal / other bank details, or give a wealth of information that would allow the hacker to steal your identity.

luckily I use different passwords

[KasanDude]

wut?!?! da internetz not safe???

I changed my password and email (probably too late anyways, did it out of fear).

I use a different password for everything so JOKES ON THEM, HA!

Also, when can we expect the prompt to enter our username and password unencrypted to disappear? I sense this is another hacker plot to steal more useless info from me...

[RyJ]

(Original post by Iqbal007)
I use different passwords and emails..........but even then what would you do apart from spamming

Some people might (stupidly) use the same password for something pretty serious like internet banking.

Peoples' bank accounts can pretty much be emptied in less than a minute...

[Iqbal007]

(Original post by RyJ)
Some people might (stupidly) use the same password for something pretty serious like internet banking.

Peoples' bank accounts can pretty much be emptied in less than a minute...

people should think twice about that stuff, especially anything linked to your email should be different

[estel]

(Original post by KasanDude)
wut?!?! da internetz not safe???

I changed my password and email (probably too late anyways, did it out of fear).

I use a different password for everything so JOKES ON THEM, HA!

Also, when can we expect the prompt to enter our username and password unencrypted to disappear? I sense this is another hacker plot to steal more useless info from me...

Click the close button on its top right corner?

[RyJ]

(Original post by Iqbal007)
people should think twice about that stuff, especially anything linked to your email should be different

I know, it's quite scary how this **** can happen...

[KasanDude]

(Original post by estel)
Click the close button on its top right corner?

Yep tried that a few times but it comes back up when I go to a new thread. Atleast it did... hasnt done it for the past few minutes.

[estel]

(Original post by Mr Dangermouse)
I have an email address that's only used to sign up to TSR but my old TSR password is used in other places. Should it still be changed everywhere?

Yes you should.

[Bobo1234]

WHY IS THERE AN IMAGE OF A SMILING GIRL NEXT TO THE WARNING?! It's like TSR saying "Ha! Your password's compromised. nyeeeeer!" Makes me scared.