SECURITY ON THE SD SITE

sikamalc

Administrator
Two members of late have had their accounts hacked. This is probably due to them using the same password on another site or social media.

I would warn all members to make sure they have a cast-iron password for the site, which is not shared with other sites or any media whatsoever. This way it makes it almost impossible to penetrate the site.
Changing the password every so often also helps to stop these people as well. Admin has security about as tight as possible on here, but it pays to make sure your password is really strong. We also watch for suspicious people logging in and joining; the vast majority are banned before they get anywhere. As the site is growing by the day, Admin can only emphasise the importance of making sure your password is strong and changed every so often.

Thank you

 
Got ya, but
make sure they have a cast-iron password for the site, which is not shared with other sites or any media whatsoever
is the theory, but we all end up with hundreds of unique passwords so they get reused or they become unmanageable without a password manager, e.g. LastPass. But that becomes a PITA as well.

Admin can only emphasise the importance of making sure your password is strong and changed every so often.
Well admin could move to a system which does not use passwords as part of the login workflow? Dunno if your host/service supports that? I was a sceptic but it does seem to work
 
Two members of late have had their accounts hacked. This is probably due to them using the same password on another site or social media.

I would warn all members to make sure they have a cast-iron password for the site, which is not shared with other sites or any media whatsoever.
Cheers for the heads up
 
Thanks for the info. If you don’t mind me asking, what would you look for that would raise an eyebrow? I’m always careful but I’m the first to admit I am no computer whizz. Thanks. 👍
 
I use a password manager. I have 600+ unique passwords.
Me too. Not required with modern systems that are inherently safer.

Password managers are just another app that you have to maintain/pay for/cross platform/risk getting locked out from/are vulnerable to bad actors.
 
My computer constantly asks if I want to save passwords; each time I respond "never". However, my number of passwords is limited but varies significantly for the major sites I use. On SD I never log out and that may be a mistake - anyone any ideas?
 
I probably only carry 3 or 4 passwords in my head. The rest are in a password manager. I have used KeePass for my personal accounts for years. Free and been robust so far, although it looks like an application from 20 years ago. It's available across most phones and computer platforms.
It can be configured to generate 20+ character passwords easily. I use 1Password for work. It has a more slick interface but is paid for. Using a passphrase rather than a password to lock those apps ... or even as your password is worth doing as it is long and easier to remember. Could be a line from a song, book or poem you like. Keep the punctuation and you pass the special character rules.
Where possible, use 2 factor authentication. I use Chrome and have a few Google accounts that are all 2 factor authentication enabled so I'll admit to storing passwords to non-critical sites behind those 2FA protected accounts. And finally, there's a piece of hardware called a YubiKey that is excellent if you want the ultimate password store. But make sure you buy two to create a backup and keep it safe ... and up to date! I know someone who didn't ....
 
Password managers are just another app that you have to maintain/pay for/cross platform/risk getting locked out from/are vulnerable to bad actors.

Not all.

I would reject all examples of browser password-remembering extension widgets, or any online storage, as convenient as either may claim to be. Both are highly vulnerable to hacking. But...

...open-source [nil cost] password managers like KeePass can be installed on your computer. You own it. You control it. Every password-controlled account you operate can have a 20+ digit password which you do not need to remember. You merely copy-n-paste from KeePass.
 