MDGarcia Posted April 12, 2014 Report Share Posted April 12, 2014 Earlier this week (7 APR 2014), OpenSSL revealed a two-year old security exploit in serving secured data using their application. This exploit/bug made it possible for anyone to gain information about account information and more specifically passwords and password changes. Luckily, Ad Astra has only utilized SSL since we moved to our new server last month, so we feel that our exposure is not as bad as most sites out there.  Over the course of this week, we moved quickly to patch to the fixed release, which was completed yesterday night. Some of you were waiting to hear back on a support ticket regarding this issue, and this message will be posted in reply. The only site affected by this were the forums and our email server. The main archive and blog sites were not affected, because they do not employ SSL at all.  To that end, we were recommending that if you have an account here on the Forums and should you have a trekfics.net or other hosted email address here at Ad Astra, you should change your password immediately. Users who do not change their password are subject to an account hack.  Forums: https://forums.adastrafanfic.com/index.php?app=core&module=usercp&tab=core&area=email Email: https://mail.trekfics.net/postfixadmin/users/login.php  Again, please do this now to ensure your account security. If you have any questions, concerns, or are having a problem changing your password, please open a support ticket at http://support.adastrafanfic.com immediately. I will do my best to help you as quickly as possible.  Thanks,  MDg Quote Link to comment Share on other sites More sharing options...
Lil black dog Posted April 12, 2014 Report Share Posted April 12, 2014 Scary stuff. Changed my password on all vital accounts a few days ago - like banking and whatnot, but didn't realize we'd need to do it here, too. Done. Quote Link to comment Share on other sites More sharing options...
Gatekeeper Posted April 12, 2014 Report Share Posted April 12, 2014 Done. Thanks, Mike, for the heads up. Quote Link to comment Share on other sites More sharing options...
kes7 Posted April 12, 2014 Report Share Posted April 12, 2014 I am so damned irritated by this Heartbleed thing. Â It is hard enough to keep track of passwords with my ADHD issues. Â Now I have to remember a bunch of new ones. Â Watch me lock myself out of everything. Â Sigh. Â Thanks for addressing this, Mike. Quote Link to comment Share on other sites More sharing options...
M C Pehrson Posted April 12, 2014 Report Share Posted April 12, 2014 I tried to change my forum password, but of course I couldn't get it to work. Must be doing something wrong! As usual... Where is that Vulcan when I need him??? Quote Link to comment Share on other sites More sharing options...
FalseBill Posted April 12, 2014 Report Share Posted April 12, 2014 well it's change now, Just got to try and remember it now. Quote Link to comment Share on other sites More sharing options...
Mackenzie Calhoun Posted April 12, 2014 Report Share Posted April 12, 2014 Changed it for here, thanks for the heads up/info MDG. Â Question is...lumme, all my other passwords/websites. I might be some time. Quote Link to comment Share on other sites More sharing options...
Lil black dog Posted April 12, 2014 Report Share Posted April 12, 2014 I am so damned irritated by this Heartbleed thing.  It is hard enough to keep track of passwords with my ADHD issues.  Now I have to remember a bunch of new ones.  Watch me lock myself out of everything.  Sigh.  Thanks for addressing this, Mike. Hah! Already had to redo mine for this site. Changed a bunch of others along with this one this morning and subsequently forgot it. And I can't claim ADHD...old age, maybe? Quote Link to comment Share on other sites More sharing options...
jespah Posted April 13, 2014 Report Share Posted April 13, 2014 My passwords now all contain lower case letters, upper case letters, numbers, special characters, a pint of my own blood (A positive), and my grandmother's recipe for potato knishes. Quote Link to comment Share on other sites More sharing options...
Mick Posted April 15, 2014 Report Share Posted April 15, 2014 I've been spending the last couple days changing passwords. Â I went ahead and changed mine here too. Â I appreciate you being candid about it MDG. Quote Link to comment Share on other sites More sharing options...
Enterprise1981 Posted April 16, 2014 Report Share Posted April 16, 2014 In a perfect world, we'd be able to memorize passwords containing random combinations of capital letters, lower case letters, numbers, emojis, etc. But I'm so sick of having to come up with different passwords for every single thing that I have to log in to. Quote Link to comment Share on other sites More sharing options...
MDGarcia Posted April 16, 2014 Author Report Share Posted April 16, 2014  Thanks, xkcd.com  MDg Quote Link to comment Share on other sites More sharing options...