not secure?

 

I was glancing through my spam, and one caught my eye because it said I know your password is xxxxxxxxxxxxxxxxxx.

It went on to say I know you did this and that and I have placed malware and you should send $xxxxx.xx to etc etc

I thought wait a sec that's a real pwd, but where do I use it?

I use it here.

Also, I went to change it, and firefox warns me that the fields to change them are not secure.

Do we need to be concerned?

This is a common scam being

This is a common scam being used today. The scammers are using very old (cheaper to buy) PW lists from hackers. If you are like most people you have used the same password in a number of places.

Best thing to do is to change and strengthen your password on this site. Ignore the threat it is just preying on fear.

--
John B - Garmin 765T

Firefox Monitor

Mozilla has a tool that you can use to check if your email and other info was included in any of the data breaches that Mozilla knows about:

https://monitor.firefox.com/

No such service is comprehensive, but it shows some of the lists that are floating around out there that could be used to generate this sort of email.

obviously

Most of us ignore scams, just bizarre the pwd was for here, and that's the only place where I used it! And likely for over 10 years. So maybe old list as mentioned! Thanks.

Not unless...

johnnatash4 wrote:

I was glancing through my spam, and one caught my eye because it said I know your password is xxxxxxxxxxxxxxxxxx.

It went on to say I know you did this and that and I have placed malware and you should send $xxxxx.xx to etc etc

I thought wait a sec that's a real pwd, but where do I use it?

I use it here.

Also, I went to change it, and firefox warns me that the fields to change them are not secure.

Do we need to be concerned?

...you use this password everywhere else. I use strong passwords on critical sites; e.g.; banks, social security, etc., but for sites such as this, not so much and I might use the same password across a couple of websites that do not contain critical information. If you glance at the address bar at the top of the screen, you will notice that it states that this website is not secure.

--
It is impossible to rightly govern a nation without God and the Bible. ----George Washington

Non secure site (POI)

maddog67 wrote:

If you glance at the address bar at the top of the screen, you will notice that it states that this website is not secure.

The site being not secure has been brought up on many occasions but nothing has been done. I wonder when, if ever, it will be changed.

2nd item I find a pain is if I chose to do a quote, as I've done here, why do I need to fill out a subject? Why not just carry on with the prior entry. This is the only site of several that I visit that has this behavior.

--
John from PA

If you remember ....

johnnatash4 wrote:

Most of us ignore scams, just bizarre the pwd was for here, and that's the only place where I used it! And likely for over 10 years. So maybe old list as mentioned! Thanks.

When I first joined this site the login screen was not secure, it is now even though once logged in it goes back to non secure. The point is, since you've most likely used the same password all that time for this site that old list could very easily been lifted when the login was not secure.

John from PA wrote:
maddog67 wrote:

If you glance at the address bar at the top of the screen, you will notice that it states that this website is not secure.

The site being not secure has been brought up on many occasions but nothing has been done. I wonder when, if ever, it will be changed.

2nd item I find a pain is if I chose to do a quote, as I've done here, why do I need to fill out a subject? Why not just carry on with the prior entry. This is the only site of several that I visit that has this behavior.

I agree big time with the "subject required" junk. Another thing I only run into on this site is clicking a link takes me off this site instead of opening a new window/tab. I often forget that and when done reading the info at the link close the window, and if I wasn't done here yet I have to sign back in.

--
. 2 Garmin DriveSmart 61 LMT-S, Nuvi 2689, 2 Nuvi 2460, Zumo 550, Zumo 450, Uniden R3 radar detector with GPS built in, includes RLC info. Uconnect 430N Garmin based, built into my Jeep. .

Test Failed

Test

John from PA wrote:
maddog67 wrote:

If you glance at the address bar at the top of the screen, you will notice that it states that this website is not secure.

The site being not secure has been brought up on many occasions but nothing has been done. I wonder when, if ever, it will be changed.

2nd item I find a pain is if I chose to do a quote, as I've done here, why do I need to fill out a subject? Why not just carry on with the prior entry. This is the only site of several that I visit that has this behavior.

Apparently the AutoSubject script rejects "[Quote" for Subject because it looks for the first few words of the text for a subject line. Adding a couple words before "[Quote" will work.

BTW, I had to add the " " to keep the actual quotation from gettin hosed.

Edit: Nope, That doesn't work. A manual Subject has to be added.

--
Frank DriveSmart55 37.322760, -79.511267

Same here

John from PA wrote:

... 2nd item I find a pain is if I chose to do a quote, as I've done here, why do I need to fill out a subject? Why not just carry on with the prior entry. This is the only site of several that I visit that has this behavior.

I agree totally. What's interesting is that we all bitch about something that annoys us, but I don't remember anyone here in the Factory, and that includes me, actually raising an issue about it 'til now.

Phil

--
"No misfortune is so bad that whining about it won't make it worse."

Subject field is required.

plunder wrote:
John from PA wrote:

... 2nd item I find a pain is if I chose to do a quote, as I've done here, why do I need to fill out a subject? Why not just carry on with the prior entry. This is the only site of several that I visit that has this behavior.

I agree totally. What's interesting is that we all bitch about something that annoys us, but I don't remember anyone here in the Factory, and that includes me, actually raising an issue about it 'til now.

Phil

If I'm not mistaken we did have a thread about these kinds of things in the past, it may have been around the same time POI's login went from unsecured to secured.

--
. 2 Garmin DriveSmart 61 LMT-S, Nuvi 2689, 2 Nuvi 2460, Zumo 550, Zumo 450, Uniden R3 radar detector with GPS built in, includes RLC info. Uconnect 430N Garmin based, built into my Jeep. .

Open link in new tab or window

soberbyker wrote:

Another thing I only run into on this site is clicking a link takes me off this site instead of opening a new window/tab. I often forget that and when done reading the info at the link close the window, and if I wasn't done here yet I have to sign back in.

When on a link right click your mouse and open link in new window or new tab. It takes a little while to get in the habit of doing this but after awhile it is natural to do and saves you from having to find your way again. If you use open in new window when you x out of that window your original window is still there.
Mary

--
Mary, Nuvi 2450, Garmin Viago, Honda Navigation, Nuvi 750 (gave to son)

Annoyances

I agree that some of these forum quirks are minor annoyances, but for the most part, this forum is about stable and reliable as any I have participated in. It is almost never down or offline, the regular members don't have to put up with ads, you seldom see spam posts, the forum rules are unobtrusive and most members exhibit good behavior in their posts most of the time. JM and Globe Turtle deserve a lot of credit for the way this forum is managed.

--
Alan - Android Auto, DriveLuxe 51LMT-S, DriveLuxe 50LMTHD, Nuvi 3597LMTHD, Oregon 550T, Nuvi 855, Nuvi 755T, Lowrance Endura Sierra, Bosch Nyon

agree

I agree with everything alandb said.

Same Here!!

dobs108 wrote:

I agree with everything alandb said.

I too agree and I echo Alan's sentiments, especially regarding how efficiently the site is run.

--
Nuvi 2460LMT 2 Units

Subject field is required.

mgarledge wrote:
soberbyker wrote:

Another thing I only run into on this site is clicking a link takes me off this site instead of opening a new window/tab. I often forget that and when done reading the info at the link close the window, and if I wasn't done here yet I have to sign back in.

When on a link right click your mouse and open link in new window or new tab. It takes a little while to get in the habit of doing this but after awhile it is natural to do and saves you from having to find your way again. If you use open in new window when you x out of that window your original window is still there.
Mary

Thanks, once in a great while I remember to do that, but, since this is the only site I would have to do that to open a link and not lose my place I almost always forget.

dobs108 wrote:

I agree with everything alandb said.

Ditto, minor annoyances, but annoyances nonetheless, first world problems.

--
. 2 Garmin DriveSmart 61 LMT-S, Nuvi 2689, 2 Nuvi 2460, Zumo 550, Zumo 450, Uniden R3 radar detector with GPS built in, includes RLC info. Uconnect 430N Garmin based, built into my Jeep. .

There really is no reason to

There really is no reason to do that if you use a pw manager.
I have been using one for years. all my pw are becoming very strong as I migrate them. there is only 1 to remember.

Two schools of thought on PW managers

ruggb wrote:

There really is no reason to do that if you use a pw manager.
I have been using one for years. all my pw are becoming very strong as I migrate them. there is only 1 to remember.

First of all let me say I use a PW manager, but it is a standalone version, not a cloud based version.

The problem with some cloud based systems is if a hacker gets the “master” password, then he basically has access to virtually every site you frequent. For instance, say you deal with six different banks. If I crack your master password, I cna get into the cloud based system and with little work I can get access to the bank accounts. Usually the user ID is your email address, also something relatively easy to get. Some experts feel this is only slightly better than using the same password for multiple accounts. Where the advantage lies is you can use as a master password a relatively long phrase that is easy to remember; perhaps something like “Dad was born on xx/xx/xxxx”. Something of that format will usually meet the requirements of minimum number of letters, upper case, lower case, numbers, symbols, etc. Yes, it is long but if you are using a keyboard it becomes quite rapid to provide the input.

--
John from PA

Think SolarWinds hack.

ruggb wrote:

There really is no reason to do that if you use a pw manager.
I have been using one for years. all my pw are becoming very strong as I migrate them. there is only 1 to remember.

I'm just not trusting enough to use a password manager. Think SolarWinds hack.

It really doesn't bother me...

...that this site is not secure. There is really nothing secure on here. I mean it's not a financial website or anything remotely close to one. This website is created so that people who are GPS aficionados have to place to ask questions, get answers, and exchange ideas. I suppose that someone could get your email address, but email addresses are usually floating around and there is not much that you can do with them. I mean, we give them out fairly frequently and a lot of the time to people that we don't know. (Think department stores, tire stores, etc.) So, with that being said, I really don't have any issue with it being non-secure. I am not going to put anything on here that would benefit someone in stealing my identity or anything else.

--
It is impossible to rightly govern a nation without God and the Bible. ----George Washington

.

johnnatash4 wrote:

I thought wait a sec that's a real pwd, but where do I use it?

I use it here.

Also, I went to change it, and firefox warns me that the fields to change them are not secure.

Do we need to be concerned?

The sign-in (or log-in) part of this website is secure but it redirects us to http (not secure) site after signing in. In addition to that, the password change is also not secure (http) so Firefox warning is correct, you are submitting password change over http (not secure connection) as oppose to https. Anyone "listening in" between your computer and POI server can steal your password. I suppose you may have accessed POI site through a public WiFi connection. That's how they know your password. Just a wild guess.

Some of us don't really care if this site is not a full http secure site but I say don't underestimate what bad guys can do with stolen information. We don't think like them so we won't know how bad it can get if they have our info especially if you use the same password on many other sites.

I agree

That this forum is well run and the moderators are doing this because they enjoy it and surely use a lot of their time to keep the forum running on an even keel. This is most likely done after they finish a regular job.

--
Nuvi 350 long gone, Nuvi 855LMT, Nuvi 2797LMT, DriveSmart 50 LMT-HD, 3790LMT now my daughters. Using Windows 10. DashCam A108C with GPS.

I May Sound Like A Record Being Replayed,

but I am not concerned about the security level of this site, nor am I concerned about the security level of most of the sites I visit. The only ones that I care about are the sites that involve some kind of financial or business transaction.

I also use a different password on every web site I visit and control them with a password manager that is on my own computer, not in the Cloud.

- Tom -

--
XXL540, GO LIVE 1535, GO 620

Thanks for the Tip

Good looking out.