Password Reset
10
Earlier tonight one of our administrators accounts was broken into and used maliciously. Around 500 manga were re-tagged and had most of their information vandalized. But outside of the one administrator account and the manga corruption, no private information was lost. A post was made on the front page by the perpetrators outlining their reasons for doing so, which revolved entirely around me. They made some good points. I could be a better administrator and I still have a lot to learn, but I have and will continue to do my best to keep FAKKU online and mostly stable.
The administrator's account was broken into because they were using the same password for FAKKU that they were using elsewhere. When a website stores your password it encrypts it inside of the database, most often using md5 encryption. The problem with md5 is that it's widely used and once the encrypted form of the password is known you can easily look up the reverse and figure out common passwords. This is why websites prompt you to choose passwords with numbers, special characters, and uppercase letters.
Up until now FAKKU was using md5 encryption (which was left over from phpbb, the CMS FAKKU was originally built on). But from now on we will be using a form of salting along with bcrypt to secure all user accounts so that their passwords (if they are ever compromised) cannot be figured out using a reverse md5 lookup. All you have to do is login to your account and change your password, and you should take this opportunity to make sure it's something secure (fakku123 is not a good a password to use).
The administrator's account was broken into because they were using the same password for FAKKU that they were using elsewhere. When a website stores your password it encrypts it inside of the database, most often using md5 encryption. The problem with md5 is that it's widely used and once the encrypted form of the password is known you can easily look up the reverse and figure out common passwords. This is why websites prompt you to choose passwords with numbers, special characters, and uppercase letters.
Up until now FAKKU was using md5 encryption (which was left over from phpbb, the CMS FAKKU was originally built on). But from now on we will be using a form of salting along with bcrypt to secure all user accounts so that their passwords (if they are ever compromised) cannot be figured out using a reverse md5 lookup. All you have to do is login to your account and change your password, and you should take this opportunity to make sure it's something secure (fakku123 is not a good a password to use).
0
luinthoron
High Priest of Loli
Sad to see something like this happen, but at least everything's fixed now. ^_^
0
Cinia Pacifica
Ojou-sama Writer
[color=red][b]Password changed.
Glad to see everything is alright now.
Glad to see everything is alright now.
0
StaticTY
The Economist
It's great to see Fakku back up at full strength. I worried when i couldn't enter the site :(
1
I don't believe that it is justified in causing havoc to prove a point. I hope such an action will not be repeated...
Please keep up the good work with Fakku! I really love this site and would hate for anything to happen to it.
Please keep up the good work with Fakku! I really love this site and would hate for anything to happen to it.
0
Glad Fakku is back up. And I feel horrible that someone had to crack into an admin's account. How low can you get... I think the password reset was a great decision.
0
daniel_romero
Faplord
Lol. I think I'm ok now. I got a 31 character password. I'm safe now.
Oh and we are getting the mobile redirecting ads again.
Oh and we are getting the mobile redirecting ads again.
0
your human, and all humans have flaws. If they are a member of Fakku, they should noe that w/o you this site would not have existed. If they are from a different community, simply point us in that direction and i'm pretty sure the majority of Fakku would fight for you.
As for the break-in. No biggie,the community would still be willing to help retag the things that were changed as some of do voluntarily. You need but ask and some of us would be willing to help.
As for the break-in. No biggie,the community would still be willing to help retag the things that were changed as some of do voluntarily. You need but ask and some of us would be willing to help.
0
Good to see it's back up. There might be a glitch from when you fixed things though, since Idol Party chapter 2 has disappeared, and the link on the frontpage points to manga id number 0, which redirects to a random manga.
