[goyo]

They're keep coming...It's not funny anymore...

[Bat21]

Originally Posted by grecostimpy

.... I went in and updated my password to something much stronger. At least this was a wake up call for me to use a stronger password as I haven't visited here in quite a while.

Yes, did the same here too as I haven't logged in for a while

[Paul M]

To repeat again - please dont post lists of IP addresses, its not serving any purpose, just filling up the thread.

This is just an automated system that uses zombie PCs all around the world (hence the hundreds of IPs) and tries a list of common, easy to guess passwords, and then moves on when it fails.

All you need to do is make sure you have a good password, that cannot be easily guessed, and delete the e-mails. You can of course change you password if you desire.

[Chris8]

Got like 10+ emails from yesterday about it as well. Uhmm some bots must be on fire. How about banning these bad bots? Maybe they have specific user-agent or lack of user-agent or specific referrer string so 1 small line in htaccess would do it, no? Maybe the vb.org login fields/page could be changed/tweaked, cmon you're wed devs you can do it. Bots follow some specific data within the page source, it's not that hard to fool them.

[bleros]

Today i got again only 8 attempt, i changed password with pass generator with 50 character

[kippesp]

I've not visited this forum in 6 years. But this mess brought me back for a short visit.

I know it is obvious, but people should be concerned that the harm from a successful username/password guess can do more harm than just spamming this forum or obtaining information from what this forum provides. Should that user still continue to use this same combination on other sites, say bankofamerica.com, then vbulletin forums can be a good testing ground for identifying valid combinations without triggering lockouts on other sites (without >1 factor improvements). Perhaps a design change to VB's log in such as reverting to a dreadded CAPTCHA after x-failed attempts. ...back to lurking.

[columbonet]

I had 47 emails today, all with different IP's trying to get into my account here on this site.

[Digital Jedi]

Originally Posted by kippesp

I've not visited this forum in 6 years. But this mess brought me back for a short visit.

I know it is obvious, but people should be concerned that the harm from a successful username/password guess can do more harm than just spamming this forum or obtaining information from what this forum provides. Should that user still continue to use this same combination on other sites, say bankofamerica.com, then vbulletin forums can be a good testing ground for identifying valid combinations without triggering lockouts on other sites (without >1 factor improvements). Perhaps a design change to VB's log in such as reverting to a dreadded CAPTCHA after x-failed attempts. ...back to lurking.

That's not, in any way, shape or form, vB's responsibility. Preventing access to your bank account, or any other online accounts, is your job. How many times have we been told not to use the same password on multiple sites? How many times have we been told to use number/CAPS/Lowercase/Special Character combinations? How many times have we've been told not to give out our password to sites that don't have the same URL as the one they claim to be? We've been warned and warning people for nearly two decades now how to do this right, and if folks continue to think it won't happen to them, that's on them, not the developers of forum software who've already taken significant steps to preventing this in the first place.

[grafbyte]

HI

im becom 4 mails ..

Block Disabled:      (Update License Status)
Suspended or Unlicensed Members Cannot View Code.

Block Disabled:      (Update License Status)
Suspended or Unlicensed Members Cannot View Code.

Block Disabled:      (Update License Status)
Suspended or Unlicensed Members Cannot View Code.

Block Disabled:      (Update License Status)
Suspended or Unlicensed Members Cannot View Code.

[inphoenix]

Add me to this list. 26 emails so far.

[hoadiem]

i got same issue (from 2:52pm to 3:38pm 6/11/13) 18 emails

180.188.196.47 from Hong Kong
124.165.212.3
117.218.37.18
186.116.130.11
114.251.216.194
124.195.52.21
66.35.68.146
205.164.41.101
41.89.130.6
212.33.204.37
190.102.17.240
188.136.199.193
202.150.137.154
190.201.233.18
189.115.138.217
217.219.128.134
89.218.101.26
218.25.249.188

i think admin should ban these ip to prevent them from hacking to ours accounts.

[blind-eddie]

http://www.vbulletin.org/forum/showp...7&postcount=93

[iogames]

I have 7! did I win?

Dear iogames,

Your account on vBulletin.org Forum has been locked because someone has tried to log into the account with the wrong password more than 5 times. You will be able to attempt to log in again in another 15 minutes.

125.39.66.155
213.186.122.123
46.29.78.20
201.217.252.67
218.108.242.108
187.73.70.14
125.39.66.146

[jemiller226]

19 in the last half hour. Seriously? Can you seriously not prevent login flooding? Can you seriously not block access to the member list?

And don't you dare tell me it's my problem!

[blind-eddie]

Originally Posted by iogames

I have 7! did I win?



125.39.66.155
213.186.122.123
46.29.78.20
201.217.252.67
218.108.242.108
187.73.70.14
125.39.66.146

Nope, I had 24 on the 9th....