Yeah, the e-mail never showed up. At a loss of what to do here. Don't know if I truly wanna waste the energy to fight with their support... There's probably no way to get ahold of staff unless I'm logged in either. Probably stuck for a bit....
23 May 2016 at 09:36:41 MDT
on 23 May 2016 at 10:02:30 MDT
That sucks. The fact that they didn't ask for permission to reset accounts caused a lot of people, including my account, to become inaccessible.
on 23 May 2016 at 15:23:01 MDT
They should have given users some time to fix it or something... Just give us time.
on 23 May 2016 at 19:37:30 MDT
Exactly. It would have been easier if we could have done it ourselves after they tell us to.
on 23 May 2016 at 10:23:33 MDT
You can try to do it again in a few hours. If your password doesn't reset, there should be an auto-clear, where it lets you just retry.
on 23 May 2016 at 15:22:26 MDT
Thanks so much. I finally got in after having to figure out how to add the noreply to my contacts.
on 23 May 2016 at 12:16:32 MDT
Same here. :/
on 23 May 2016 at 15:21:39 MDT
Finally got it to work after figuring out how to add the noreply to my contacts. Log in to find they patched the security hole with... a captcha. I have no words.
on 23 May 2016 at 16:54:17 MDT
The captcha was just an added security feature for the login, if you'd read any of their journals you'd know that they patched the loophole before the attack, but not before someone managed to exploit it.
on 24 May 2016 at 20:48:50 MDT
If they patched it before the attack, the exploit should have no longer been valid. That's the WHOLE point of patching an exploit in code, to stop it from being used. I don't believe for a split second they fixed ANYTHING before this happened.
on 25 May 2016 at 04:48:28 MDT
Did you even read any of their journals at all? The exploit allowed people to download the sourcecode for the website, they patched it but not before someone managed to download it and spread it around. People that had access to it then managed to find loopholes in the security of the site (which almost every site has at one point or another, so don't try and convince me otherwise). They have since fixed those issues, if you'd like a summary of what they patched you can read it here http://www.furaffinity.net/journal/7586494Maybe you should actually read up on this stuff rather than being automatically biased to shitting over FA when ever you get the smallest chance.
on 29 May 2016 at 04:03:22 MDT
CAPTCHAs are not for security. They're for controlling bot spam.
The point is that FA is using the wrong tool for the job because they don't understand what the tool is for.
on 29 May 2016 at 04:58:00 MDT
ie, for security to stop someone from trying to bruteforce a password. That wasn't the only addition they made.