Click here to go to the first RED TEAM post in this thread.   Thread: ATTN: Large increase in login bot attempts

Reply to Thread
Results 1 to 3 of 3
  1.   This is the last RED TEAM post in this thread.   #1 ATTN: Large increase in login bot attempts 
    REDuser Jason Ramsey's Avatar
    Join Date
    Dec 2006
    Location
    Colorado
    Posts
    1,090
    Hello, all. I just wanted to inform you that we have seen a large increase in bots who attempt to brute force their way into existing accounts.

    If you weren't already aware, the software will automatically ban ip addresses for 15 minutes after 5 failed login attempts, and will send you an email notifying you of the occurrence. Some of you may have been receiving these emails.

    It seems they are making the rounds lately. Happening on all of our sites, and other forum owners have been reporting a strong uptick in these types of brute force attempts in recent weeks as well.

    This particular type of brute force attempt is not something to be too terribly alarmed about (unless you happen to use a terribly common, or easily guessed password, and even some that seem not-so-easily guessed).

    However, it is always a good idea to change your password, and to use a strong password. The more characters the better (minimum of 6 recommended. the more, the merrier). I also recommend that you always use a combination of upper and lower case letters, numbers, and special characters (ie $, *, etc, etc). Don't create a password that is just letters, or even just letters and numbers. Try to include at least one of each (up and down cased letters, numbers, and special characters). This makes it much more difficult for bots to brute force their way into accounts by making repeated guesses. Modern computers can relatively quickly run through the various combinations of letter only passwords, for example...

    And, of course, you should avoid using the same passwords for different accounts. For example, you wouldn't want to use the same password here that you use for your email account, and you wouldn't want to use the same password for your email that you use for your bank account.

    Just some general info about password strength for you to apply to other accounts you may have as well.

    In summary, other than being a nuisance, (b/c of the emails you will receive notifying you) these login bots are little more than that... a nuisance.

    Please do change your weak passwords to something more robust that is not easily guessed.

    A couple of links to help you choose strong passwords:
    http://gizmodo.com/the-25-most-popul...med-1680596951
    https://www.schneier.com/blog/archiv..._secure_1.html
    Landmine Media
    Reply With Quote  
     

  2. #2  
    Senior Member
    Join Date
    Dec 2010
    Location
    Toronto & Vancouver
    Posts
    3,316
    So "love", "secret", and "sex" are bad passwords.... what about "god" though?

    EDIT: Thanks for the heads up... Actually, I just saw a "complaint" thread about people not being able to log in.
    Reply With Quote  
     

  3. #3  
    Senior Member
    Join Date
    Jun 2010
    Location
    Tampa Bay, FL
    Posts
    158
    from the Gizmodo link, "dragon" is the 9th most popular unsafe password.
    Reply With Quote  
     

Posting Permissions
  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts