Artist Forum banner

Attention - Password and Security Update

6K views 22 replies 9 participants last post by  JonathanBryington 
#1 ·
Hey all,

Over the next few days we will be implementing some changes to our forum password strength and password expiration policies. To make sure you continue having the best experience possible on the community, we regularly monitor the site and the Internet to keep everyone's account information safe. We've recently become aware of a potential risk to some accounts coming from outside of this community. Just to be safe, we are implementing the following changes to improve security even further:

1) We are asking everyone to change their passwords (and will force a one time reset). Along with every user on the forum, new passwords will need to be more complex, and can't be simple words (sorry, you can't have "fluffy" as your password anymore!). Please use a password unique to this community. Reusing passwords can expose your account indirectly when other websites (Twitter, Linkedin, Badoo, etc) are compromised; and

2) Your passwords will expire on a 365 day basis. When you login on the 366th day, you will have to change it.

We'll also be sending out an email to users to let them know about the changes, in upcoming weeks.

Thanks all,
Helena
Community Management
 
See less See more
#6 ·
number 1 reason for password insecurity is the user himself. kind of dumb and surplus change imho. so the only other method other than fishing someones
password ( malware and/ or shady websites ) left is brute force. to cope with brute force the key is length....

well anyway if it turns out to become too unconvenient for my taste i always have the option to not come back so let´s see how annoying it will get.


cheers
 
#10 · (Edited)
Yeah it's PLC registered as VerticalScope INC but VerticalScope.com is a referral URL of ENOM, INC which means our data is shared with, ENOM - but ENOM isn't mentioned in the TOS (See here)
thats irrelevant I just wanted to know what was going on normally when a site loses their members personal data theres some kind of *******SORRY******* but I guess not in this case
 
#11 ·
I am not sure what you are asking. ENOM is just a domain registrar.

A domain name registrar is an organization or commercial entity that manages the reservation of Internet domain names. A domain name registrar must be accredited by a generic top-level domain (gTLD) registry and/or a country code top-level domain (ccTLD) registry. The management is done in accordance with the guidelines of the designated domain name registries. https://en.wikipedia.org/wiki/Domain_name_registrar
 
#12 · (Edited)
I am not sure what you are asking.
I'm SHOCKED you don't know what I'm saying to you!
before I became successful as an artist I built social websites which had over 30.000 members and I see the community on here is amazing, the individuals I've come to get to know are not only great artists but beautiful people who share the most intimate details of their lives with the board and in return get great support.
and what do the owners get from the site? money, they get money reaped from adverts and all I asked is an acknowledgement a simple "sorry" for the mistrust in data loss, YOU lost OUR personal information, the terms we signed up to was a 2 way thing we ENTRUSTED YOU with our personal information.
just SAY SORRY
Edited:
the fact I have to point this out is absurd?
 
#17 ·
I'm old enough to suffer memory loss so I bought a small diary that I keep near my pc at home. I just put anything to do with computer stuff in it. My wife does the same. Saves a lot of hassle. It's easy enough to disguise passwords if you wish,and nobody will need to know mine anyway, I'm not in charge of national security. :smile:
 
#20 ·
Hey all,

first off, personally, i love this forum. I do a lot of art when im not here at the office. :)
secondly, this is frustrating, and I am very sorry for the aggravation. in all transparency is concerned, we are legally obligated to change passwords after a breach has taken place. we have fixed our end of the breach but we still needed to issue a password reset regardless. If the requirements are too much right now, we can revisit this later and make things a bit easier, no problem. but for now, we are issuing these to get things resolved on all ends, and to help protect your accounts for the future.

I am more then happy to assist anyone here with any issues they have or answer questions, as well as resolve any issues with the transition. also, we can talk art while im doing so! again, I personally apologize. it was a third party breach, and came from an outside source. though its been resolved, we understand the need for an apology. here is the website that explains a little more on what is being done to fix things: http://www.verticalscope.com/about-us/security-update.html

let me know what you peeps need, Ill be happy to assist with it.

~Shane
 
#22 ·
Hey liz,

First off, I love your pencil and ink work. you have great attention to detail, good perspective, and an overall good composition of shading, occlusion and control. love it. keep up the good work! :)

secondly, I understand its a bit over the top. But the password mandatory going out can be changed in the UserCP. you can change it to anything you like after its been reset. To answer the question about bank security, you have to keep in mind a few things here:

- Banks are held under a 128 - 256bit encryption system and are well protected server side.
- Encryptions are also changed constantly to keep it constantly changing making a breach next to impossible on the server side.

with all that in mind, let me ask you this. if I get a hold of your say 4-6 digit pin code for the bank machine, does that encryption really do much for you?

the password change is because the information taken was information that if you use the same password say for....online banking, or shopping, even a michaels online shopping account (art store here in Canada). if your credit information or bank info is tied there for online purchases. that one password can be used to buy/ make purchases, access online banking, do etransfers, etc etc. the list goes on and on.

For more information on the breach, check our website on what was taken and the "what you need to know" kind of thing: http://www.verticalscope.com/about-us/notice-of-data-breach.html

not trying to scare anyone, just the truth of it. again, you are more then welcome to change it to whatever you like once you get your temporary password, once the "dust settles" kind of thing, we will lessen it for you all if that is what you would like in the end. for now, please bare with us. we are doing this for the better, even though its a bit bittersweet.

trust me when i say, we had to do it as well. and i mean thousands of accounts. i know its a pain. just bare with us for now.

If you all need any further assistance, let me know :) or we can talk about art. but shhhh...don't tell my boss! ;)

cheers all, keep on arting.

~Shane
 
#23 · (Edited)
I'm a newbie to this forum, but I really like the attitude of the moderators. Because the rules imposed by you are for the good of the community. I know what it means to be a victim of fraud. The scammers are now more and more. It's pretty hard to differentiate a scam site from a reliable one. It could be helpful for someone to find more information here about how a trustworthy site looks like. You have to know that I made this mistake. In the past, I had the same password for all my accounts. Be aware of what you access on the Internet.
 
This is an older thread, you may not receive a response, and could be reviving an old thread. Please consider creating a new thread.
Top