Dont use your SRO password when signing up for forums

SNAPPA · **Joined:** Jul 2007 **Posts:** 35 **Location:**

Should be common sense. But there are ALOT of stupid ppl out there.

There are ALOT of new sro related forums starting up (even rev6 has one now). Just giving everyone a warning....

DO NOT MAKE FORUM ACCOUNTS WITH THE SAME LOG IN/PASSWORD YOU USE FOR SILKROAD!!!!!

The forum admins can see your password. And I bet alot of you used the same email for SRO as you do when your confirming your new forum accounts. tsk tsk.

Make a secondary email account for bullshit website stuff. Like "sendspamhere@yahoo dot com".

Especially some of these new player made websites.
cough*igame'semi'legit*cough

Don't be stupid. Don't get hacked.

this public service announcement is sponsored by SNAPPA. fyc.

iseedeadpeople · **Joined:** Jul 2008 **Posts:** 276 **Location:**

dude, igamelegit .com is perfectly safe and legal... since its the official confed site lol, unless your being sarcastic then =/

But id be wary about Rev6, i made sure i put no links in my acc info other than the name gundamhealer and my sig, no passwords and users etc.

Questmaster · **Posted:** Sun Dec 28, 2008 6:31 am

RIGHT ON!

Ragnorak · **Joined:** Apr 2007 **Posts:** 1147 **Location:**

I don't even let firefox save my passwords lol.
I always make a new email when signing up for forum...but I don't remember the pw for that email -,-

Lowis · **Joined:** Feb 2008 **Posts:** 570 **Location:** Trolling

Password are encrypted into the database just like any other forum. If you use phpbb3, php-fusion, vbulletin and so many more... We can change the password but we can not retreve the password.

Rev6 should know this better than anyone.

EDIT: I hate people that freak out... igamelegit.com is stamped clean some of the people are from silkroadaddiction.com which is another clean site.

Cruor · **Joined:** Apr 2006 **Posts:** 1999 **Location:**

Lowis wrote:

Password are encrypted into the database just like any other forum. If you use phpbb3, php-fusion, vbulletin and so many more... We can change the password but we can not retreve the password.

Rev6 should know this better than anyone.

This man speaks the truth. The password is usually encrypted before it even leaves your computer.

Nyx · **Joined:** May 2008 **Posts:** 248 **Location:** Canada

Cruor wrote:

Lowis wrote:

Password are encrypted into the database just like any other forum. If you use phpbb3, php-fusion, vbulletin and so many more... We can change the password but we can not retreve the password.

Rev6 should know this better than anyone.

This man speaks the truth. The password is usually encrypted before it even leaves your computer.

Knowledge is power!

ImmortalKiller · **Joined:** Aug 2008 **Posts:** 675 **Location:** VA/CA

BUT MENZ THY CAN REEDS IT WIF DENCYRPTUNZ CYZ REV5 KNOEZ ALL BOUT CMUPTZER CUZ THEY MEKK BOT DEY KNOE AWL ABUT CUMTUPRES!

@ OP: Occasionally, research is in fact more important than an idea alone.

KillZ · **Joined:** Apr 2007 **Posts:** 65 **Location:**

Lowis wrote:

Password are encrypted into the database just like any other forum. If you use phpbb3, php-fusion, vbulletin and so many more... We can change the password but we can not retreve the password.

Rev6 should know this better than anyone.

EDIT: I hate people that freak out... igamelegit.com is stamped clean some of the people are from silkroadaddiction.com which is another clean site.

This is a lie, as soon as you register, all the admins get PM'd with your E-mail / username / pass
and they all take turns cleaning out accounts.

Lowis · **Joined:** Feb 2008 **Posts:** 570 **Location:** Trolling

Do you have proof to backup your theory?

The only way they can get your username or password is if it wasn't saved to an actual database. Most forums use (Mysql) Might wanna look it up...

most forum program(s) (PHPBB, PHP-FUSION, vBulletin, Simple Machines) etc... they all use mysql as the database your password is auto encrypted. As i said in my previous post.

Admins can get your email and username. They can also change your password but they can NOT recover your password.

But if you feel so unsecure then you already know what to do....

This topic should be moved to site discussion or locked.

Phaidra · **Joined:** Jun 2008 **Posts:** 1142 **Location:** Not here

Lowis wrote:

Do you have proof to backup your theory?

The only way they can get your username or password is if it wasn't saved to an actual database. Most forums use (Mysql) Might wanna look it up...

most forum program(s) (PHPBB, PHP-FUSION, vBulletin, Simple Machines) etc... they all use mysql as the database your password is auto encrypted. As i said in my previous post.

Admins can get your email and username. They can also change your password but they can NOT recover your password.

But if you feel so unsecure then you already know what to do....

This topic should be moved to site discussion or locked.

He's right, create your own forum and try it...

aishsharma · **Posted:** Sun Dec 28, 2008 2:18 pm

lol common sense,
my junk email-> junkspot@rediffmail.com
this is wat i use on almost every new site i join and depending on how much i get spammd i change it IF i feel the site is safe
by safe i mean 1 month of observation for all new sites(even this 1 lol)

btw confed site is safe

x_iCe_x · **Joined:** Apr 2007 **Posts:** 369 **Location:**

just the FRAGINC common sense, thanks snappa, lets go play some halo later

BalkanFanaticS · **Joined:** Nov 2007 **Posts:** 768 **Location:**

iseedeadpeople wrote:

dude, igamelegit .com is perfectly safe and legal... since its the official confed site lol, unless your being sarcastic then =/

i wouldnt trust them with a wooden nickle

btw the ass in OP's sig belongs to keyra augustina

theblindarcher · **Posted:** Sun Dec 28, 2008 6:07 pm

nice sig

PocketSunshine · **Joined:** Nov 2008 **Posts:** 386 **Location:** Aion

I usually use a different email when I sign up, but I try to use the same password because I have a really bad memory. :banghead:

GwaR · **Joined:** Oct 2007 **Posts:** 137 **Location:**

back in the older forum versions if someone got control of the database or mysql, they could easily crack your password, because they were encrypted in md5's. now a-days forum passwords are encrypted in md5 with salt (randomly set characters in the md5), which makes it almost impossible to crack. there are also other ways to further encrypt passwords besides salting it though.

GwaR · **Joined:** Oct 2007 **Posts:** 137 **Location:**

Ragnorak wrote:

I don't even let firefox save my passwords lol.
I always make a new email when signing up for forum...but I don't remember the pw for that email -,-

letting firefox save your passwords is perfectly safe. not only are the cookies encrypted, but they are randomly placed so it's almost impossible to find.

GwaR · **Joined:** Oct 2007 **Posts:** 137 **Location:**

and yes i am a nerd

aishsharma · **Posted:** Sun Dec 28, 2008 7:28 pm

any reason u cudnt say all that in 1 post

oh but thx for FF thng abt passwrds and cookies i didnt know that

Project-Dragon · **Joined:** Oct 2006 **Posts:** 328 **Location:** Germany

Lowis wrote:

Password are encrypted into the database just like any other forum. If you use phpbb3, php-fusion, vbulletin and so many more... We can change the password but we can not retreve the password.

Rev6 should know this better than anyone.

EDIT: I hate people that freak out... igamelegit.com is stamped clean some of the people are from silkroadaddiction.com which is another clean site.

As long as the passwort is stored as an MD5-Hash in the database, you are correct.
But there are a few lower quality forum software with store the password as plain text.

Cruor · **Joined:** Apr 2006 **Posts:** 1999 **Location:**

GwaR wrote:

back in the older forum versions if someone got control of the database or mysql, they could easily crack your password, because they were encrypted in md5's. now a-days forum passwords are encrypted in md5 with salt (randomly set characters in the md5), which makes it almost impossible to crack. there are also other ways to further encrypt passwords besides salting it though.

Unsalted MD5 is only weak for weak passwords. It really all comes down to how secure your password is, but considering how common passwords like '123456' are, it's really no surprise that people get hacked.

Talonos · **Posted:** Mon Dec 29, 2008 12:12 am

Cruor wrote:

GwaR wrote:

back in the older forum versions if someone got control of the database or mysql, they could easily crack your password, because they were encrypted in md5's. now a-days forum passwords are encrypted in md5 with salt (randomly set characters in the md5), which makes it almost impossible to crack. there are also other ways to further encrypt passwords besides salting it though.

Unsalted MD5 is only weak for weak passwords. It really all comes down to how secure your password is, but considering how common passwords like '123456' are, it's really no surprise that people get hacked.

FACK!!! Now I gotta change my pw and the combination on my luggage...

NuclearSilo · **Posted:** Mon Dec 29, 2008 12:25 am

uhm, I once hacked a gold bot account.
SRO account database is full of ID like "aaaaaa", "aaaaab", etc... and their pass are mostly 123456, 000000, 111111.
The one i hacked by lucky is aaaaaa with 123456 password i think

XCaosX · **Posted:** Mon Dec 29, 2008 1:24 am

@SNAPPA change your sig dude,asses start to annoy me now..

SNAPPA · **Joined:** Jul 2007 **Posts:** 35 **Location:**

<<Goodbye - Ru>>

PureStr · **Joined:** Nov 2007 **Posts:** 1244 **Location:** GTA5

imo people should have 3 passwords.
1 for things that doesnt really matter (forums)
1 for things that are somewhat important (Myspace, E-mail, Facebook)
1 for things that are ultra important (Gamimg accounts)

Of course if you have bank accounts or paypal account or stuff like that online their PW should be unique.

GwaR · **Joined:** Oct 2007 **Posts:** 137 **Location:**

Cruor wrote:

GwaR wrote:

back in the older forum versions if someone got control of the database or mysql, they could easily crack your password, because they were encrypted in md5's. now a-days forum passwords are encrypted in md5 with salt (randomly set characters in the md5), which makes it almost impossible to crack. there are also other ways to further encrypt passwords besides salting it though.

Unsalted MD5 is only weak for weak passwords. It really all comes down to how secure your password is, but considering how common passwords like '123456' are, it's really no surprise that people get hacked.

true

sama98b · **Joined:** Feb 2007 **Posts:** 1428 **Location:**

XCaosX wrote:

@SNAPPA change your sig dude,asses start to annoy me now..

Guess u r gay

ps.: Different password for everything, good password manager ...

BalkanFanaticS · **Joined:** Nov 2007 **Posts:** 768 **Location:**

sama98b wrote:

XCaosX wrote:

@SNAPPA change your sig dude,asses start to annoy me now..

Guess u r gay

no offense but +1

Silkroad Online Forums

Dont use your SRO password when signing up for forums

Who is online