- Local time
- Today, 08:55
- Joined
- Feb 28, 2001
- Messages
- 29,387
Dear members:
As a moderator it is part of my job to watch out for spammers and hacked accounts. AWF has its share of both. The spammers frequently want to just plant ads. I'm catching 3 or 4 per day myself and the other moderators have also noted an uptick in approval requests from suspicious sources. This is not a problem for the members. However, hackers have breached account passwords and have been planting ads under an established member's name. Some of you have reported such posts - and thank you for calling them to our attention.
I want to discuss hacked accounts. First and foremost, we cannot see your passwords. (Nor do we want to.) But if your account gets hacked, then at least one other person besides yourself now has your password. That bad actor could use your account to post inappropriate messages that could get Jon and this site in trouble considering recent British legislation called the "Online Safety Act." This link below will let you find out what is in this act on your own time. The main concern is that with a hacked account, a hacker could easily make trouble for Jon and AWF. I'm sure you agree that we should protect against being hacked.
www.gov.uk
What I want to do is suggest (not mandate) that if you have been using a relatively weak password, you might wish to change it. I cannot tell you what standards exist elsewhere, but in the US military sites, a secure password for an "ordinary" user contains not less than 1 uppercase, 1 lowercase, 1 numeric, and 1 special character out of a total of at least 10 characters. According to some security articles, each character you add to a password multiplies its effectiveness by about 100. (That is rounded off.) Note that if you were a systems or database administrator for the government, the password standard would have been 2 each of upper, lower, digit, and special with a minimum length of 15 characters.
If you have a long enough and complex enough password, you should be OK. However, if you have any doubts about the security of your password, change it.
Thanks,
- Richard
As a moderator it is part of my job to watch out for spammers and hacked accounts. AWF has its share of both. The spammers frequently want to just plant ads. I'm catching 3 or 4 per day myself and the other moderators have also noted an uptick in approval requests from suspicious sources. This is not a problem for the members. However, hackers have breached account passwords and have been planting ads under an established member's name. Some of you have reported such posts - and thank you for calling them to our attention.
I want to discuss hacked accounts. First and foremost, we cannot see your passwords. (Nor do we want to.) But if your account gets hacked, then at least one other person besides yourself now has your password. That bad actor could use your account to post inappropriate messages that could get Jon and this site in trouble considering recent British legislation called the "Online Safety Act." This link below will let you find out what is in this act on your own time. The main concern is that with a hacked account, a hacker could easily make trouble for Jon and AWF. I'm sure you agree that we should protect against being hacked.
Online Safety Act: explainer
What I want to do is suggest (not mandate) that if you have been using a relatively weak password, you might wish to change it. I cannot tell you what standards exist elsewhere, but in the US military sites, a secure password for an "ordinary" user contains not less than 1 uppercase, 1 lowercase, 1 numeric, and 1 special character out of a total of at least 10 characters. According to some security articles, each character you add to a password multiplies its effectiveness by about 100. (That is rounded off.) Note that if you were a systems or database administrator for the government, the password standard would have been 2 each of upper, lower, digit, and special with a minimum length of 15 characters.
If you have a long enough and complex enough password, you should be OK. However, if you have any doubts about the security of your password, change it.
Thanks,
- Richard
