Attention - Password and Security Update - Audi A5 Forum & Audi S5 Forum
 4Likes
  • 1 Post By audia5admin
  • 1 Post By MJ10
  • 1 Post By DrEskimo
  • 1 Post By Ian D
 
LinkBack Thread Tools Display Modes
post #1 of 15 Old 14th June 2016, 07:05 AM Thread Starter
Administrator
 
audia5admin's Avatar
 
Join Date: Oct 2013
Posts: 126
Mentioned: 0 Post(s)
Tagged: 0 Thread(s)
Quoted: 14 Post(s)
 
Attention - Password and Security Update

Hello all,

Over the next few days we will be implementing some changes to our forum password strength and password expiration policies. To make sure you continue having the best experience possible on the community, we regularly monitor the site and the Internet to keep everyone's account information safe. We've recently become aware of a potential risk to some accounts coming from outside of this community. Just to be safe, we are implementing the following changes to improve security even further:

1) We are asking everyone to change their passwords (and will force a one time reset). Along with every user on the forum, new passwords will need to be more complex, and can't be simple words (sorry, you can't have "fluffy" as your password anymore!). Please use a password unique to this community. Reusing passwords can expose your account indirectly when other websites (Twitter, Linkedin, Badoo, etc) are compromised; and

2) Your passwords will expire on a 365 day basis. When you login on the 366th day, you will have to change it.

We'll also be sending out an email to users to let them know about the changes, in upcoming weeks.

Thanks all,

Helena

Community Management
Red_Warrior11 likes this.
audia5admin is offline  
Sponsored Links
Advertisement
 
post #2 of 15 Old 14th June 2016, 08:28 AM
Senior Member
 
MJ10's Avatar
 
Join Date: Mar 2014
Location: Surrey, UK
Posts: 321
Mentioned: 0 Post(s)
Tagged: 0 Thread(s)
Quoted: 20 Post(s)
 
Garage
As someone who work in IT security it's good to hear security is being kept paramount. And thanks for the warning (more than other sites do!)
Red_Warrior11 likes this.


To view links or images in signatures your post count must be 10 or greater. You currently have 0 posts.

To view links or images in signatures your post count must be 10 or greater. You currently have 0 posts.
MJ10 is offline  
post #3 of 15 Old 14th June 2016, 12:54 PM
Member
 
trancer96's Avatar
 
Join Date: Jun 2016
Location: Porirua, New Zealand
Posts: 62
Mentioned: 1 Post(s)
Tagged: 0 Thread(s)
Quoted: 16 Post(s)
 
Garage
I already have a complex unqiue password generated by Firefox's PasswordMaker and having only joined recently it's not cool that I have to change it already (it means I have to modify the generator rule on every computer I log in from).
trancer96 is offline  
 
post #4 of 15 Old 14th June 2016, 11:14 PM
Senior Member
 
DrEskimo's Avatar
 
Join Date: Apr 2014
Location: Hertfordshire, UK
Posts: 3,923
Mentioned: 23 Post(s)
Tagged: 0 Thread(s)
Quoted: 988 Post(s)
 
Garage
Cheers Helena.

Also I'm stealing that avatar picture...!

Quote:
Originally Posted by trancer96 View Post
I already have a complex unqiue password generated by Firefox's PasswordMaker and having only joined recently it's not cool that I have to change it already (it means I have to modify the generator rule on every computer I log in from).
A rather minor inconvenience for you given the wider context don't you think....?
julianwhitta likes this.
DrEskimo is online now  
post #5 of 15 Old 15th June 2016, 07:27 AM Thread Starter
Administrator
 
audia5admin's Avatar
 
Join Date: Oct 2013
Posts: 126
Mentioned: 0 Post(s)
Tagged: 0 Thread(s)
Quoted: 14 Post(s)
 
We'll keep you posted with any updates guys

Kyle
audia5admin is offline  
post #6 of 15 Old 15th June 2016, 04:01 PM
Senior Member
 
Force-1's Avatar
 
Join Date: Jun 2011
Location: Albuquerque, NM
Posts: 829
Mentioned: 1 Post(s)
Tagged: 0 Thread(s)
Quoted: 37 Post(s)
 
45 Million Accounts Hacked At Some Of The Biggest Car Forums

VerticalScope.com

2017 S5: 3.0T S-Tronic; Technology Package, Black Optic/Black Optic Plus Package, Fine Nappa Leather, Layered Aluminum/Black Wood Inlays; Sport differential
2014 Q7 S-Line Prestige: 3.0T; Night Black/Black, Towing and Cold Weather Package, Adaptive Air Suspension
<Gone>2013 S5 Cab: 3.0T; Phantom Black/Black, Prestige Package, Driver Assist Package, Comfort Package, 19" 5-Spoke, Carbon Atlas Inlays
<Gone>2011 Q7 S-Line Prestige
<Gone>2011 A5 Cab
Force-1 is offline  
post #7 of 15 Old 17th June 2016, 11:49 PM
Senior Member
 
Ian D's Avatar
 
Join Date: Mar 2013
Location: Surrey, UK
Posts: 1,128
Mentioned: 2 Post(s)
Tagged: 0 Thread(s)
Quoted: 80 Post(s)
 
Just by the by, it might have been an idea to send out that email to people before or at the same time as you did the forced admin reset. The first notice I got of this was an automated email saying my password had been changed, which immediately made me worry that my account had been hacked.
Richard Groves likes this.

2010 Phantom black metallic A5 Coupé 2.0 TFSI S-Line SE with DAB, BT, CC and AMI.
Ian D is offline  
post #8 of 15 Old 18th June 2016, 01:04 AM
HTB
Member
 
Join Date: Jan 2016
Posts: 44
Mentioned: 0 Post(s)
Tagged: 0 Thread(s)
Quoted: 10 Post(s)
 
Latest UK Government/CESG advice is not to do this.

https://www.cesg.gov.uk/articles/pro...assword-expiry

Sent from my SM-G920F using Tapatalk
HTB is offline  
post #9 of 15 Old 18th June 2016, 05:48 AM
Senior Member
Supporting Member
 
julianwhitta's Avatar
 
Join Date: May 2015
Location: Melbourne, Australia
Posts: 1,819
Mentioned: 6 Post(s)
Tagged: 0 Thread(s)
Quoted: 398 Post(s)
 
Garage
Once a year hardly constitutes "frequent", and barely makes it to "regular". I think the CESG guideline is more targeted to quarterly or monthly password changes. I've worked for companies that took such approaches, and the impacts were exactly as described by the CESG, and a right pain in the neck. Once a year, on the other hand, I can live with.

2012 (fl) A5 Coupe 2.0 TFSI Quattro S-line, Lava Grey
julianwhitta is offline  
post #10 of 15 Old 23rd June 2016, 04:51 AM
Member
 
Richard Groves's Avatar
 
Join Date: Jan 2016
Location: London, UK
Posts: 47
Mentioned: 2 Post(s)
Tagged: 0 Thread(s)
Quoted: 7 Post(s)
 
Garage
The problem with even once a year change is if the site keeps the old ones to stop you reusing it. Then any hackers get a nice repository of multiple passwords for each user after a while. Even if properly salted + hashed they can still be reversed eventually and CPU cycles get cheaper by the month.

S5 Cabriolet - Phantom black, pearl effect - ADS with Dynamic steering and quattro sports diff, ACC, Advance Key, Heated memory seats, MMI 3G, Hill hold
Richard Groves is offline  
post #11 of 15 Old 11th July 2016, 12:57 PM Thread Starter
Administrator
 
audia5admin's Avatar
 
Join Date: Oct 2013
Posts: 126
Mentioned: 0 Post(s)
Tagged: 0 Thread(s)
Quoted: 14 Post(s)
 
Quote:
Originally Posted by Richard Groves View Post
The problem with even once a year change is if the site keeps the old ones to stop you reusing it. Then any hackers get a nice repository of multiple passwords for each user after a while. Even if properly salted + hashed they can still be reversed eventually and CPU cycles get cheaper by the month.
This is if your passwords have a pattern of being similar or follow a certain. like adding a new character to the end of every password change. that would make it easier to track. If your passwords are different everytime then it would be less vulnerable. While you don't have to do this, I can recommend using a password saver software in which you only need to change one password in order to access everything else.

Lee
audia5admin is offline  
post #12 of 15 Old 29th September 2016, 07:59 AM
Junior Member
 
Join Date: Sep 2016
Posts: 9
Mentioned: 0 Post(s)
Tagged: 0 Thread(s)
Quoted: 3 Post(s)
 
I can no longer access my old account "Phantom A5"!!! and I cannot remember my email used on that account. Plz help
Sepang RS5 is offline  
post #13 of 15 Old 30th September 2016, 09:18 AM Thread Starter
Administrator
 
audia5admin's Avatar
 
Join Date: Oct 2013
Posts: 126
Mentioned: 0 Post(s)
Tagged: 0 Thread(s)
Quoted: 14 Post(s)
 
Quote:
Originally Posted by Sepang RS5 View Post
I can no longer access my old account "Phantom A5"!!! and I cannot remember my email used on that account. Plz help
PM sent

Dayle
audia5admin is offline  
post #14 of 15 Old 30th September 2016, 12:38 PM
Junior Member
 
Join Date: Sep 2016
Posts: 9
Mentioned: 0 Post(s)
Tagged: 0 Thread(s)
Quoted: 3 Post(s)
 
Quote:
Originally Posted by audia5admin View Post
PM sent

Dayle
i can't pm you back due to post count
Sepang RS5 is offline  
post #15 of 15 Old 4th October 2016, 08:19 AM Thread Starter
Administrator
 
audia5admin's Avatar
 
Join Date: Oct 2013
Posts: 126
Mentioned: 0 Post(s)
Tagged: 0 Thread(s)
Quoted: 14 Post(s)
 
Quote:
Originally Posted by Sepang RS5 View Post
i can't pm you back due to post count
sent you an email instead.

Lee
audia5admin is offline  
Reply

Quick Reply
Message:
Options

Register Now



In order to be able to post messages on the Audi A5 Forum & Audi S5 Forum forums, you must first register.
Please enter your desired user name, your email address and other required details in the form below.

User Name:
Password
Please enter a password for your user account. Note that passwords are case-sensitive.

Password:


Confirm Password:
Email Address
Please enter a valid email address for yourself.

Email Address:
OR

Log-in









Human Verification

In order to verify that you are a human and not a spam bot, please enter the answer into the following box below based on the instructions contained in the graphic.



User Tag List

Thread Tools
Show Printable Version Show Printable Version
Email this Page Email this Page
Display Modes
Linear Mode Linear Mode



Posting Rules  
You may post new threads
You may post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On

 
For the best viewing experience please update your browser to Google Chrome