I was glancing through my spam, and one caught my eye because it said I know your password is xxxxxxxxxxxxxxxxxx.
It went on to say I know you did this and that and I have placed malware and you should send $xxxxx.xx to etc etc
I thought wait a sec that's a real pwd, but where do I use it?
I use it here.
Also, I went to change it, and firefox warns me that the fields to change them are not secure.
Do we need to be concerned?
This is a common scam being used today. The scammers are using very old (cheaper to buy) PW lists from hackers. If you are like most people you have used the same password in a number of places.
Best thing to do is to change and strengthen your password on this site. Ignore the threat it is just preying on fear.
Mozilla has a tool that you can use to check if your email and other info was included in any of the data breaches that Mozilla knows about:
No such service is comprehensive, but it shows some of the lists that are floating around out there that could be used to generate this sort of email.
Most of us ignore scams, just bizarre the pwd was for here, and that's the only place where I used it! And likely for over 10 years. So maybe old list as mentioned! Thanks.
...you use this password everywhere else. I use strong passwords on critical sites; e.g.; banks, social security, etc., but for sites such as this, not so much and I might use the same password across a couple of websites that do not contain critical information. If you glance at the address bar at the top of the screen, you will notice that it states that this website is not secure.
If you glance at the address bar at the top of the screen, you will notice that it states that this website is not secure.
The site being not secure has been brought up on many occasions but nothing has been done. I wonder when, if ever, it will be changed.
2nd item I find a pain is if I chose to do a quote, as I've done here, why do I need to fill out a subject? Why not just carry on with the prior entry. This is the only site of several that I visit that has this behavior.
When I first joined this site the login screen was not secure, it is now even though once logged in it goes back to non secure. The point is, since you've most likely used the same password all that time for this site that old list could very easily been lifted when the login was not secure.
I agree big time with the "subject required" junk. Another thing I only run into on this site is clicking a link takes me off this site instead of opening a new window/tab. I often forget that and when done reading the info at the link close the window, and if I wasn't done here yet I have to sign back in.
Apparently the AutoSubject script rejects "[Quote" for Subject because it looks for the first few words of the text for a subject line. Adding a couple words before "[Quote" will work.
BTW, I had to add the " " to keep the actual quotation from gettin hosed.
Edit: Nope, That doesn't work. A manual Subject has to be added.
... 2nd item I find a pain is if I chose to do a quote, as I've done here, why do I need to fill out a subject? Why not just carry on with the prior entry. This is the only site of several that I visit that has this behavior.
I agree totally. What's interesting is that we all bitch about something that annoys us, but I don't remember anyone here in the Factory, and that includes me, actually raising an issue about it 'til now.
If I'm not mistaken we did have a thread about these kinds of things in the past, it may have been around the same time POI's login went from unsecured to secured.
Another thing I only run into on this site is clicking a link takes me off this site instead of opening a new window/tab. I often forget that and when done reading the info at the link close the window, and if I wasn't done here yet I have to sign back in.
When on a link right click your mouse and open link in new window or new tab. It takes a little while to get in the habit of doing this but after awhile it is natural to do and saves you from having to find your way again. If you use open in new window when you x out of that window your original window is still there.
I agree that some of these forum quirks are minor annoyances, but for the most part, this forum is about stable and reliable as any I have participated in. It is almost never down or offline, the regular members don't have to put up with ads, you seldom see spam posts, the forum rules are unobtrusive and most members exhibit good behavior in their posts most of the time. JM and Globe Turtle deserve a lot of credit for the way this forum is managed.
I agree with everything alandb said.
I agree with everything alandb said.
I too agree and I echo Alan's sentiments, especially regarding how efficiently the site is run.
Thanks, once in a great while I remember to do that, but, since this is the only site I would have to do that to open a link and not lose my place I almost always forget.
Ditto, minor annoyances, but annoyances nonetheless, first world problems.
There really is no reason to do that if you use a pw manager.
I have been using one for years. all my pw are becoming very strong as I migrate them. there is only 1 to remember.
First of all let me say I use a PW manager, but it is a standalone version, not a cloud based version.
The problem with some cloud based systems is if a hacker gets the “master” password, then he basically has access to virtually every site you frequent. For instance, say you deal with six different banks. If I crack your master password, I cna get into the cloud based system and with little work I can get access to the bank accounts. Usually the user ID is your email address, also something relatively easy to get. Some experts feel this is only slightly better than using the same password for multiple accounts. Where the advantage lies is you can use as a master password a relatively long phrase that is easy to remember; perhaps something like “Dad was born on xx/xx/xxxx”. Something of that format will usually meet the requirements of minimum number of letters, upper case, lower case, numbers, symbols, etc. Yes, it is long but if you are using a keyboard it becomes quite rapid to provide the input.
I'm just not trusting enough to use a password manager. Think SolarWinds hack.
...that this site is not secure. There is really nothing secure on here. I mean it's not a financial website or anything remotely close to one. This website is created so that people who are GPS aficionados have to place to ask questions, get answers, and exchange ideas. I suppose that someone could get your email address, but email addresses are usually floating around and there is not much that you can do with them. I mean, we give them out fairly frequently and a lot of the time to people that we don't know. (Think department stores, tire stores, etc.) So, with that being said, I really don't have any issue with it being non-secure. I am not going to put anything on here that would benefit someone in stealing my identity or anything else.
The sign-in (or log-in) part of this website is secure but it redirects us to http (not secure) site after signing in. In addition to that, the password change is also not secure (http) so Firefox warning is correct, you are submitting password change over http (not secure connection) as oppose to https. Anyone "listening in" between your computer and POI server can steal your password. I suppose you may have accessed POI site through a public WiFi connection. That's how they know your password. Just a wild guess.
Some of us don't really care if this site is not a full http secure site but I say don't underestimate what bad guys can do with stolen information. We don't think like them so we won't know how bad it can get if they have our info especially if you use the same password on many other sites.
That this forum is well run and the moderators are doing this because they enjoy it and surely use a lot of their time to keep the forum running on an even keel. This is most likely done after they finish a regular job.
but I am not concerned about the security level of this site, nor am I concerned about the security level of most of the sites I visit. The only ones that I care about are the sites that involve some kind of financial or business transaction.
I also use a different password on every web site I visit and control them with a password manager that is on my own computer, not in the Cloud.
- Tom -
Good looking out.
terms | privacy | contactCopyright © 2006-2021