The list below shows everyone who has been logged on within the last 5 minutes or so... And there are some login issues, so it's more likely that the cookie was set but the session variable wasn't right...
Change your password just in case.
-JEEP
Someone Used My Account
-
-
jeep Cappo Bastone
-
-
jeep Cappo Bastone
- Cappo Bastone
- Cappo Bastone
- Posts: 747
- Joined: April 21, 2002
- Location: Portland, OR
How long have you been logged off? Did you clear your cookies? Did you change your password? Do you auto-login?
In order to use your account, the person would have to know your password and even I can't do that. Passwords are stored as a MD5 hash. MD5 is a one way algorithm that, as far as I know, hasn't been cracked yet.
We do have the latest patch applied to phpBB, and no new security warnings have been issued.
Search for your posts and see if there are any that you didn't make...
-JEEP-
-
jeep Cappo Bastone
- Cappo Bastone
- Cappo Bastone
- Posts: 747
- Joined: April 21, 2002
- Location: Portland, OR
My mistake, there was a security warning posted 2 hours before my last post that could be related to this:
Code: Select all
We've been notified of a flaw in search.php. This, under the right circumstances with certain server versions be exploited to obtain password hashes.
Even assuming we've been hacked, once the person gets the hash, unless you use a dictionary word, it still takes a lot of work to determine what your password it.
I will apply the security patch this weekend and will recommend that everyone change their password in a global announcement.
-JEEP
Copyright © MafiaScum. All rights reserved.