Password Reset Problems on FA by FlameWolf

Yeah, the e-mail never showed up. At a loss of what to do here. Don't know if I truly wanna waste the energy to fight with their support... There's probably no way to get ahold of staff unless I'm logged in either. Probably stuck for a bit....

Password Reset Problems on FA

FlameWolf

23 May 2016 at 09:36:41 MDT

Journal Information

Views:
279
Comments:
12
Favorites:
0
Rating:
General

Tags Modify

Edit Tags


Comments

  • Link

    That sucks. The fact that they didn't ask for permission to reset accounts caused a lot of people, including my account, to become inaccessible.

    • Link

      They should have given users some time to fix it or something... Just give us time.

      • Link

        Exactly. It would have been easier if we could have done it ourselves after they tell us to.

  • Link

    You can try to do it again in a few hours. If your password doesn't reset, there should be an auto-clear, where it lets you just retry.

    • Link

      Thanks so much. I finally got in after having to figure out how to add the noreply to my contacts.

  • Link

    Same here. :/

    • Link

      Finally got it to work after figuring out how to add the noreply to my contacts. Log in to find they patched the security hole with... a captcha. I have no words.

      • Link

        The captcha was just an added security feature for the login, if you'd read any of their journals you'd know that they patched the loophole before the attack, but not before someone managed to exploit it.

        • Link

          If they patched it before the attack, the exploit should have no longer been valid. That's the WHOLE point of patching an exploit in code, to stop it from being used. I don't believe for a split second they fixed ANYTHING before this happened.

          • Link

            Did you even read any of their journals at all? The exploit allowed people to download the sourcecode for the website, they patched it but not before someone managed to download it and spread it around. People that had access to it then managed to find loopholes in the security of the site (which almost every site has at one point or another, so don't try and convince me otherwise). They have since fixed those issues, if you'd like a summary of what they patched you can read it here http://www.furaffinity.net/journal/7586494
            Maybe you should actually read up on this stuff rather than being automatically biased to shitting over FA when ever you get the smallest chance.

            • Link

              CAPTCHAs are not for security. They're for controlling bot spam.

              The point is that FA is using the wrong tool for the job because they don't understand what the tool is for.

              • Link

                ie, for security to stop someone from trying to bruteforce a password. That wasn't the only addition they made.