Chuffy's Flying Circus

To the Bar! => Hangar 1 => Topic started by: =CfC=Fitz on September 16, 2019, 12:25:22 PM

Title: Possible Hack
Post by: =CfC=Fitz on September 16, 2019, 12:25:22 PM
Hi all,

My web host advised that the site may have been hacked. I've cleared up the back end but I suggest that you all change your passwords asap. I've deleted a lot of stuff for unused themes and a couple of files that may affect the current theme so please let me know if you spot any issues with the site.

Pip pip,

Fitz
Title: Re: Possible Hack
Post by: Storebror on September 16, 2019, 04:03:30 PM
Thanks for taking care of this Fitz.
Seems to be hacker season again.
@work our telephone system has been hacked on the weekend.
After a few thousand international calls, our provider cut the line.
A colleague of mine had a few hundred calls on his list... I consider myself lucky as my phone list is clear.

Cheers!
Mike
Title: Re: Possible Hack
Post by: cjd-2010 on September 16, 2019, 05:13:23 PM
Password changed to something stronger and equally forgettable! 😁

Cheers, Chris
Title: Re: Possible Hack
Post by: CFC_Conky on September 17, 2019, 06:12:35 AM
Done.
Title: Re: Possible Hack
Post by: =CfC=Fitz on September 17, 2019, 09:56:06 AM
I should probably also mention that if you use the same password on any other sites you might want to change those as well. Hackers have a habit of trying email/password combinations wherever they can.
Title: Re: Possible Hack
Post by: Storebror on September 17, 2019, 06:52:07 PM
It should be noted though that SMF does not store plain text passwords and it does not use a reversible encryption either.
Passwords are stored in hashed & salted format.
Hashed means it's one-way encryption, you cannot simply "decrypt" a hashed password.
Salted means that so-called "rainbow tables" are useless when attempting to guess the matching password for a hash.
What's left is a brute force attack, which works for pretty simple and short passwords, so complexity is the key.
My passwords generally have both uppercase and lowercase letters, numbers and special characters like "+-#&%$()" etc, and they're at least 10 characters long.
Not that this would make unhashing impossible, but with today's hardware, it would take a little longer than all of us are going to stay on this planet, even if we sum it up.
Nevertheless, of course I don't recycle passwords across sites - this is something I'd generally suggest not to do at all, never ever.

Cheers!
Mike
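
The salted-hash behaviour described in the post above, as an added example that is not part of the thread and is not SMF's own code. It uses PBKDF2 from the Python standard library as a stand-in algorithm; the iteration count, the sample passwords and the guess rate are assumptions.

```python
import hashlib
import hmac
import math
import os

ITERATIONS = 100_000  # assumed work factor for this example, not SMF's setting


def unsalted_hash(password):
    """Plain unsalted hash: the same password always gives the same digest,
    which is what lets one precomputed table serve every account."""
    return hashlib.sha256(password.encode()).hexdigest()


def hash_password(password, salt=None):
    """Return (salt, digest). A fresh random salt is drawn per account."""
    if salt is None:
        salt = os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)
    return salt, digest


def verify_password(password, salt, digest):
    """Recompute with the stored salt and compare in constant time."""
    return hmac.compare_digest(hash_password(password, salt)[1], digest)


def keyspace_bits(alphabet_size, length):
    """Size of the search space in bits, assuming uniformly random characters."""
    return length * math.log2(alphabet_size)


def years_to_exhaust(alphabet_size, length, guesses_per_second):
    """Worst-case time to try every candidate at an assumed guess rate."""
    return alphabet_size ** length / guesses_per_second / (365 * 24 * 3600)


if __name__ == "__main__":
    pw = "Tr0ub4dor&3x"  # constructed sample password
    salt_a, hash_a = hash_password(pw)
    salt_b, hash_b = hash_password(pw)
    print("unsalted digests equal:", unsalted_hash(pw) == unsalted_hash(pw))
    print("salted digests equal:  ", hash_a == hash_b)
    print("verify correct / wrong:", verify_password(pw, salt_a, hash_a),
          verify_password("guess", salt_a, hash_a))
    rate = 1e9  # assumed guesses per second
    for name, size, length in (("6 lowercase", 26, 6), ("10 mixed", 94, 10)):
        print(f"{name}: {keyspace_bits(size, length):.1f} bits, "
              f"{years_to_exhaust(size, length, rate):.3g} years")
```

The year figures scale directly with the assumed guess rate and hold only for randomly chosen passwords; a password that appears in a wordlist falls far sooner regardless of its length.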