The Student Room – security breach
Hear the latest site news, get help with using TSR or share your suggests to improve the site.
-
- Reputation:
- PS Helper
- TSR Royalty
- Location: Alone up on the hills and snow
Re: TSR Usernames/PasswordsI'm thinking that, at the very least, your e-mail password and (if relevant) your bank password should be different to all others (and obviously not the same as each other)?
I just went and changed all of my passwords on a 'just in case' basis; sad how few websites that is, really.
(I also found that the hardest part was trying to remember what I had as my original password.
)
Last edited by TheSownRose; 22-06-2012 at 02:14. -
- Section Leader
Re: TSR Usernames/PasswordsYes, change everything which is the same as your previous TSR password.(Original post by Mr Dangermouse)
I have an email address that's only used to sign up to TSR but my old TSR password is used in other places. Should it still be changed everywhere? -
- Reputation:
- TSR Legend
- Posts: 13,379
Re: TSR Usernames/PasswordsEspecially those who have lost a lot and no ones willing to compensate(Original post by RyJ)
I know, it's quite scary how this **** can happen... -
- PS Helper
- TSR Royalty
- Location: UK
- Posts: 20,995
Re: TSR Usernames/PasswordsThat's unrelated, clear your cache to fix that(Original post by judicious)
Why have most of the flags changed??
-
- Reputation:
- PS Helper
- Vengeful, Imperial Overlord of The Student Room
- Posts: 4,215
Re: TSR Usernames/PasswordsWhat the actual ****. This is bull****. 5 days to crack any 7 character ascii password using a single half decent GPU(Original post by estel)
Default vB hash is:
With a per-user three character salt which is also stored in the database.Code:$password_hash = md5(md5($password_text) . $user_salt);
-
- Reputation:
- PS Helper
- Vengeful, Imperial Overlord of The Student Room
- Posts: 4,215
Re: TSR Usernames/PasswordsWell yes now that you've posted that information here. Probably want to change those passwords.(Original post by cfizzle)
If I have my bank details on a shopping website, with the same email and password for TSR do you think it'll get hacked and will all my sweet sweet dollas go?
-
- Reputation:
- Overlord in Training
- Location: Liverpool
Re: TSR Usernames/PasswordsThe joys of my bank using numbers and not letters for it's passwords. I am safe on the bank account front
I think I'll just change everything that uses old TSR password to my new one
Though my password is different for YT and other places. I don't think hackers could do that much damage to me to be honest 
My Amazon password needs changing I think though >.>
-
- Section Leader
Re: TSR Usernames/PasswordsYea, it's called being a student....(Original post by Mr Dangermouse)
So has anyone had their bank account emptied yet?
I think most banks use numbers rather than words, or use both at least so it's harder to crack and, even better even use number secure keys issued at the time of logging on now so fingers crossed bank passwords will be ok. But if anyone's worried, obviously change your password. -
- Reputation:
- Vengeful, Imperial Overlord of The Student Room
- Posts: 3,858
Re: TSR Usernames/PasswordsProbably wouldn't have happened if the staff spent more time working on security, instead of warning people for literally every pro-Israel post there is. Typical, farcical TSR really, and someone should be sacked over this.
-
- Section Leader
Re: TSR Usernames/PasswordsIt's come to TSR's attention that some usernames, passwords and email addresses have been compromised. The passwords are hashed and salted so if they are cracked it should take a while but it can't be guaranteed it won't so you need to change your TSR password and any other password which maybe the same as your TSR password ASAP.(Original post by R4INBOW)
Wtf is going on???!!?
This was posted from The Student Room's iPhone/iPad App -
- Reputation:
- "Just like a hooker she said, Nothin's for free"
- Location: Nottingham
Re: TSR Usernames/PasswordsYes, mod duties are to moderate the forums and test the security in every way...(Original post by tufc)
Probably wouldn't have happened if the staff spent more time working on security, instead of warning people for literally every pro-Israel post there is. Typical, farcical TSR really, and someone should be sacked over this. -
- Reputation:
- Section Leader
- Wiki Support Team
- Section Leader
- Location: Death Star
Re: TSR Usernames/Passwordstufc, the Administration team do not moderate users in the same way that the Moderators do not administrate the operation of the site.(Original post by tufc)
Probably wouldn't have happened if the staff spent more time working on security, instead of warning people for literally every pro-Israel post there is. Typical, farcical TSR really, and someone should be sacked over this.
Though my password is different for YT and other places. I don't think hackers could do that much damage to me to be honest 
My Amazon password needs changing I think though >.>
