View Single Post
  #1  
Old 3rd April 2017, 11:33 AM
infopop's Avatar
infopop
Bob S: Administrator / Manager / Editor
 
Join Date: May 2002
Posts: 396
Exclamation Hacking Attempt On CFS Passwords

This weekend I became aware of a hacking attempt to obtain the passwords for CFS Members. I have no evidence that it was successful, but I think you should know.

Even if the attempt had retrieved the table which has passwords, the passwords themselves are stored with a one-way encryption algorithm, meaning you can't decode them by reading them. The hacker would also need the program and other data.

Nonetheless, I recommend changing your password now, just to be prudent. It's good practice to
  • change your passwords regularly
  • not to use the same password for different sites – I confess, often use variations of a password I will remember
  • include a mix of lowercase letters, capital letters, numbers, and "special characters" such as !, @, #, $, and so on.
Once you log in here's the way to change your password.

If you login from the CFS Home Page, after logging in it changes from showing the login form to show a welcome message and several links. I'm attaching an image of it. You should click on the link for Your User Control Panel.

On the Control Panel page, there's a long menu to on the left side of the white area. Select Edit Email & Password.

This will bring up a form where you enter your old password and then the new one you want. It makes you enter it twice to be sure you type it correctly.

You can ignore the part of the form about changing your email address unless you also want or need to do that.

I'm attaching image files of the Home Page welcome message and menu and the User Control Panel page menu with the relevant links highlighted.

Keep in mind, CFS is actually stitched together from at least three separate software packages and all of them are old and hard to use, especially for people with smartphones. It's easy for anyone to get confused, since the menus don't carry over to different parts of CFS.

I hope that I'll be able to start updating the software in a couple months, but I know it will be one part of CFS at a time. The first part will include a replacement for the Home Page and related pages and probably the login process and user profiles, too.

~ Bob S., Manager/Editor
Attached Thumbnails
hacking-attempt-cfs-passwords-home_page_welcome_links.jpg   hacking-attempt-cfs-passwords-control_panel_menu.jpg  

Last edited by infopop; 3rd April 2017 at 11:46 AM.
Quote |