Author Topic: Sinlock's board emails your password in plain text
Scarne 
Title: Capo di Scientifico
Posts: 27,710
Registered: Jul 23, '01
Real Post Cnt: 22,798
User ID: 272,061
Subject: Sinlock's board emails your password in plain text
Someone sound the metalface alert! grin

 

-----signature-----
E Pluribus Unum
Sinlock 
Title: Savior of the Camelot Outpost
Posts: 27,600
Registered: May 14, '00
Real Post Cnt: 26,129
User ID: 24,657
Subject: Sinlock's board emails your password in plain text


That must be only during registration. The form emails it to you like a savant, and doesn't store the plaintext in the DB or in any way it could be fetched by me or anyone else.

In the DB, passwords are hashed through MD5. I cannot read the plaintext. This is a 32-character string of gibberish-looking characters that have no recognizable pattern to human eyes.

It *is* possible to brute force MD5 codes, given a particular MD5 value; however, if you make your password at least 10 characters long and include a special character, number, and/or one or more capitalized characters, the brute force time can take weeks/months/many years to crack.

On the modern internet it is not wise to have short passwords that are only lowercase letters for anything important.

If it bothers anyone that the email is sent with the password in plaintext, I could likely have the savant form strike that part out.

 

-----signature-----
THOOOOKA...THOOOOOKA...THOOOOOKA...
Future Grand President For Life of the Universe (you'll see! you'll be sorry then!)
Outpost Terrorist #1! I don't care what any law says!
paulg_68 
Posts: 30,961
Registered: Jul 27, '09
Real Post Cnt: 30,669
User ID: 1,364,918
Subject: Sinlock's board emails your password in plain text
I used a different password than I ever use anywhere else because I know that Sinlock is evil and devious.

coffee

 

-----signature-----
If you wish to make an apple pie from scratch...
http://www.youtube.com/watch?v=zSgiXGELjbc
"Everyone has a chance to become rich." - Groucho48
"Most of the human wealth on earth exists between the ears of live human beings." - theredkay1
Sinlock 
Title: Savior of the Camelot Outpost
Posts: 27,600
Registered: May 14, '00
Real Post Cnt: 26,129
User ID: 24,657
Subject: Sinlock's board emails your password in plain text


Meh - fixed. Registration confirmations no longer include plaintext passwords. wink

 

-----signature-----
THOOOOKA...THOOOOOKA...THOOOOOKA...
Future Grand President For Life of the Universe (you'll see! you'll be sorry then!)
Outpost Terrorist #1! I don't care what any law says!
Sinlock 
Title: Savior of the Camelot Outpost
Posts: 27,600
Registered: May 14, '00
Real Post Cnt: 26,129
User ID: 24,657
Subject: Sinlock's board emails your password in plain text
paulg_68 posted:
I used a different password than I ever use anywhere else because I know that Sinlock is evil and devious.

coffee


I have been known to crack MD5 passwords; that said, if you keep it 10 characters (11 or even 12 is better) with at least one special character/number/cap letter, then it can take YEARS to brute force.

Rainbow tables are another matter. I haven't played with them much, but I understand they are very effective.

Just use unique passwords for sites and there would never be a problem here or anywhere. grin

 

-----signature-----
THOOOOKA...THOOOOOKA...THOOOOOKA...
Future Grand President For Life of the Universe (you'll see! you'll be sorry then!)
Outpost Terrorist #1! I don't care what any law says!
NuEM 
Posts: 15,394
Registered: Mar 2, '04
Real Post Cnt: 13,662
User ID: 900,449
Subject: Sinlock's board emails your password in plain text
Fix your create new account link.

 

-----signature-----
It's time we became European:
http://www.youtube.com/watch?v=6VzdZ1i8YM8
The Federalist's Song:
http://www.youtube.com/watch?v=lz70fFZHEhw
Sinlock 
Title: Savior of the Camelot Outpost
Posts: 27,600
Registered: May 14, '00
Real Post Cnt: 26,129
User ID: 24,657
Subject: Sinlock's board emails your password in plain text
NuEM posted:
Fix your create new account link.


What's not working about it? We've had a ton of people register, and I just tried it - appears to be working fine. confused

 

-----signature-----
THOOOOKA...THOOOOOKA...THOOOOOKA...
Future Grand President For Life of the Universe (you'll see! you'll be sorry then!)
Outpost Terrorist #1! I don't care what any law says!
NuEM 
Posts: 15,394
Registered: Mar 2, '04
Real Post Cnt: 13,662
User ID: 900,449
Subject: Sinlock's board emails your password in plain text
When I click on create new account it just loads the main page again.

 

-----signature-----
It's time we became European:
http://www.youtube.com/watch?v=6VzdZ1i8YM8
The Federalist's Song:
http://www.youtube.com/watch?v=lz70fFZHEhw
bstulic 
Posts: 17,106
Registered: Jul 26, '02
Real Post Cnt: 14,844
User ID: 700,812
Subject: Sinlock's board emails your password in plain text
Sinlock posted:
paulg_68 posted:
I used a different password than I ever use anywhere else because I know that Sinlock is evil and devious.

coffee


I have been known to crack MD5 passwords; that said, if you keep it 10 characters (11 or even 12 is better) with at least one special character/number/cap letter, then it can take YEARS to brute force.

Rainbow tables are another matter. I haven't played with them much, but I understand they are very effective.

Just use unique passwords for sites and there would never be a problem here or anywhere. grin



Don't crack it, man. Just put code to save it in plain text in your private database.

 

-----signature-----
Sinlock 
Title: Savior of the Camelot Outpost
Posts: 27,600
Registered: May 14, '00
Real Post Cnt: 26,129
User ID: 24,657
Subject: Sinlock's board emails your password in plain text
NuEM posted:
When I click on create new account it just loads the main page again.



I believe I know the issue and will PM you privately. Look for a message in about 45 seconds!

 

-----signature-----
THOOOOKA...THOOOOOKA...THOOOOOKA...
Future Grand President For Life of the Universe (you'll see! you'll be sorry then!)
Outpost Terrorist #1! I don't care what any law says!
NuEM 
Posts: 15,394
Registered: Mar 2, '04
Real Post Cnt: 13,662
User ID: 900,449
Subject: Sinlock's board emails your password in plain text
Yay! dancing

 

-----signature-----
It's time we became European:
http://www.youtube.com/watch?v=6VzdZ1i8YM8
The Federalist's Song:
http://www.youtube.com/watch?v=lz70fFZHEhw
Darkblade_The_Great 
Posts: 7,838
Registered: Aug 10, '00
Real Post Cnt: 6,360
User ID: 39,086
Subject: Sinlock's board emails your password in plain text
paulg_68 posted:
I used a different password than I ever use anywhere else because I know that Sinlock is evil and devious.

coffee

 

-----signature-----
flag
the less you gamble, the more you lose when you win.
"Just get us on the ground." "I think that part'll happen pretty definitely!"
Freedom only lives where good men make a stand
Sinlock 
Title: Savior of the Camelot Outpost
Posts: 27,600
Registered: May 14, '00
Real Post Cnt: 26,129
User ID: 24,657
Subject: Sinlock's board emails your password in plain text
I'm an idiot. Post edited.

 

-----signature-----
THOOOOKA...THOOOOOKA...THOOOOOKA...
Future Grand President For Life of the Universe (you'll see! you'll be sorry then!)
Outpost Terrorist #1! I don't care what any law says!
NuEM 
Posts: 15,394
Registered: Mar 2, '04
Real Post Cnt: 13,662
User ID: 900,449
Subject: Sinlock's board emails your password in plain text
nt

 

-----signature-----
It's time we became European:
http://www.youtube.com/watch?v=6VzdZ1i8YM8
The Federalist's Song:
http://www.youtube.com/watch?v=lz70fFZHEhw
Sinlock 
Title: Savior of the Camelot Outpost
Posts: 27,600
Registered: May 14, '00
Real Post Cnt: 26,129
User ID: 24,657
Subject: Sinlock's board emails your password in plain text
bstulic posted:
Sinlock posted:
paulg_68 posted:
I used a different password than I ever use anywhere else because I know that Sinlock is evil and devious.

coffee


I have been known to crack MD5 passwords; that said, if you keep it 10 characters (11 or even 12 is better) with at least one special character/number/cap letter, then it can take YEARS to brute force.

Rainbow tables are another matter. I haven't played with them much, but I understand they are very effective.

Just use unique passwords for sites and there would never be a problem here or anywhere. grin



Don't crack it, man. Just put code to save it in plain text in your private database.


I'm being ethical and stuff. I don't want to do that.

 

-----signature-----
THOOOOKA...THOOOOOKA...THOOOOOKA...
Future Grand President For Life of the Universe (you'll see! you'll be sorry then!)
Outpost Terrorist #1! I don't care what any law says!
bstulic 
Posts: 17,106
Registered: Jul 26, '02
Real Post Cnt: 14,844
User ID: 700,812
Subject: Sinlock's board emails your password in plain text
Sinlock posted:


I'm being ethical and stuff. I don't want to do that.


devil

 

-----signature-----
Scarne 
Title: Capo di Scientifico
Posts: 27,710
Registered: Jul 23, '01
Real Post Cnt: 22,798
User ID: 272,061
Subject: Sinlock's board emails your password in plain text
You "should" also be salting the passwords so even if the user is dumb, the MD5 codes can't be reversed plausibly. But that might be overkill for the size of your website. grin

 

-----signature-----
E Pluribus Unum
ZigmundZag 
Title: Grammar Nazi
Posts: 25,948
Registered: Mar 25, '02
Real Post Cnt: 22,707
User ID: 661,552
Subject: Sinlock's board emails your password in plain text
I have three different tiers of passwords based upon how secure I need it to be. Sinlock's board received a slightly modified version of the lowest tier I use. You could probably rainbow table or brute force the password, but even if you could connect it to other accounts of mine you wouldn't find anything more interesting than a message board to open.

 

-----signature-----
"Take the cheese to sickbay!"
Sinlock 
Title: Savior of the Camelot Outpost
Posts: 27,600
Registered: May 14, '00
Real Post Cnt: 26,129
User ID: 24,657
Subject: Sinlock's board emails your password in plain text
Scarne posted:
You "should" also be salting the passwords so even if the user is dumb, the MD5 codes can't be reversed plausibly. But that might be overkill for the size of your website. grin


That is actually an issue with Drupal 6.0, which we use. Drupal 7 does use salts.

I could likely hack Drupal 6 to start using salts, but then that would be a potential maintenance issue when I do Drupal updates, which would essentially blow away my hack and then I'd have to remind myself how to do it again.

It's not really a "big" issue, so I'm not worrying too much about it.

 

-----signature-----
THOOOOKA...THOOOOOKA...THOOOOOKA...
Future Grand President For Life of the Universe (you'll see! you'll be sorry then!)
Outpost Terrorist #1! I don't care what any law says!
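A worked illustration of the point Sinlock (plain MD5 in the DB, brute force vs rainbow tables) and Scarne (salting) are arguing about. This is an added example, not code from the thread and not Drupal's own password code. It assumes nothing about the board beyond what the posts say; the "leaked" records and the three-word wordlist are constructed for the example, and PBKDF2-HMAC-SHA256 stands in for a generic salted, iterated scheme (it is not a claim about what Drupal 7 actually uses).

```python
import hashlib
import hmac
import os
from typing import Optional

# Constructed sample wordlist for this example: three weak passwords of the
# "short, lowercase" kind the thread warns against. Not real user data.
WEAK_WORDLIST = ["password", "letmein", "qwerty123"]


# --- Unsalted scheme, as the thread describes for the Drupal 6 board -------
def md5_unsalted(password: str) -> str:
    """Stored value is MD5(password) and nothing else."""
    return hashlib.md5(password.encode("utf-8")).hexdigest()


def build_md5_lookup(wordlist) -> dict:
    """Precomputed hash -> password table (the idea behind a rainbow table).

    With no salt it is built once and applies to every account that ever
    used one of these passwords, on this site or any other using plain MD5.
    """
    return {md5_unsalted(p): p for p in wordlist}


def recover_from_unsalted(stored_hash: str, lookup: dict) -> Optional[str]:
    """Recovery of a weak password is a dictionary lookup, not a search."""
    return lookup.get(stored_hash)


# --- Salted, iterated scheme (PBKDF2 used as a stand-in; an assumption) ----
def hash_salted(password: str, salt: Optional[bytes] = None, iterations: int = 100_000):
    """Return (salt, iterations, digest); all three are stored with the account."""
    if salt is None:
        salt = os.urandom(16)  # fresh random salt per account
    digest = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, iterations)
    return salt, iterations, digest


def verify_salted(password: str, salt: bytes, iterations: int, digest: bytes) -> bool:
    """Recompute with the stored salt and compare in constant time."""
    candidate = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, iterations)
    return hmac.compare_digest(candidate, digest)


def salted_records_differ(password: str) -> bool:
    """Same password, two accounts: salts differ, so the stored digests differ.

    That is exactly why a table keyed on the digest alone cannot be
    precomputed once and reused; each salt would need its own table.
    """
    s1, _, d1 = hash_salted(password)
    s2, _, d2 = hash_salted(password)
    return d1 != d2 and s1 != s2


def demo() -> dict:
    """Run both schemes over constructed records and report what each exposes."""
    lookup = build_md5_lookup(WEAK_WORDLIST)
    # Constructed "leaked" unsalted records for two accounts that chose the
    # same weak password. One table lookup exposes both of them at once.
    leaked = {"alice": md5_unsalted("letmein"), "bob": md5_unsalted("letmein")}
    recovered = {user: recover_from_unsalted(h, lookup) for user, h in leaked.items()}

    salt, iters, digest = hash_salted("letmein")
    return {
        "recovered_unsalted": recovered,
        "salted_verifies": verify_salted("letmein", salt, iters, digest),
        "salted_rejects_wrong": verify_salted("letmein1", salt, iters, digest),
        "salted_records_differ": salted_records_differ("letmein"),
    }


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```

The salt does not make a weak password strong; an attacker who has the salt can still guess "letmein" against that one account. What it removes is the shared precomputation (the "rainbow table" case Sinlock mentions), and the iteration count makes each guess cost far more than one MD5. Sinlock's advice about length and unique passwords per site still stands on top of that.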