Hacker login attempts


1. Posted by Peter (Admin 6778 posts) 2w

Hey everyone,

I just noticed a large number of automated login attempts on Travellerspoint.

These attempts appear to have been made solely for the purpose of verifying that a password belongs to a username.

There have been a bunch that were successful (after only a handful of attempts), which leads me to believe that they are using passwords that they already believe are linked to these users and just want to confirm that is the case. Their activity on the site never proceeds beyond the home page.

NOTE: I do NOT believe they have in any way accessed the Travellerspoint database. Even if they did, all the passwords are stored in such a way that you can't work out what they are by looking at the database.

It appears to me that they have found these passwords from breaches on other sites and have linked them to identical usernames here on Travellerspoint. All the usernames I've checked so far are not unique to Travellerspoint.

I have turned off logging in on Travellerspoint while I lock down things a bit more as best I can.

Steps you should take (when you can log in again)

1. If you are using a password on here that you are using anywhere other than on Travellerspoint, I recommend you update your password immediately.
2. You can check if your email address was in any data breaches through HaveIBeenPwned. If you see it come up with a few sites, you want to make sure you are definitely not using whatever password you were using on those sites.
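
The pattern described in the post above (many usernames tried from one source, only a handful of attempts per username, successful logins that never go beyond the home page) can be checked for in login logs. This is an added example, not part of the original post and not Travellerspoint's code; the event layout, thresholds and sample data are assumptions constructed for illustration.

```python
from collections import defaultdict

# Constructed sample events, not real logs. Assumed layout:
# (source_ip, username, login_succeeded, pages_viewed_beyond_home)
EVENTS = (
    # One source works through six usernames; two are confirmed on a
    # second try and the session never leaves the home page.
    [("198.51.100.7", f"user{i}", False, 0) for i in range(6)]
    + [("198.51.100.7", "user2", True, 0), ("198.51.100.7", "user5", True, 0)]
    # Dictionary-style guessing against one account (a different problem).
    + [("203.0.113.9", "alice", False, 0)] * 8
    # Genuine user: one typo, then a normal session.
    + [("192.0.2.44", "bob", False, 0), ("192.0.2.44", "bob", True, 5)]
    # Shared address: many users, but they all browse after logging in.
    + [("192.0.2.80", f"guest{i}", True, 4) for i in range(6)]
)

def flag_credential_stuffing(events, min_users=5, max_tries_per_user=3):
    """Map each suspicious source to the accounts whose password it confirmed."""
    per_source = defaultdict(lambda: defaultdict(list))
    for src, user, ok, pages in events:
        per_source[src][user].append((ok, pages))

    flagged = {}
    for src, users in per_source.items():
        # Stuffing touches many accounts from one source...
        if len(users) < min_users:
            continue
        # ...but only a handful of attempts per account.
        if max(len(tries) for tries in users.values()) > max_tries_per_user:
            continue
        hits = [u for u, tries in users.items() if any(ok for ok, _ in tries)]
        # Real users browse after logging in; a verifier stops at the home page.
        browsed = [u for u in hits
                   if any(ok and pages > 0 for ok, pages in users[u])]
        if hits and not browsed:
            flagged[src] = sorted(hits)
    return flagged

if __name__ == "__main__":
    for src, accounts in flag_credential_stuffing(EVENTS).items():
        print(f"{src}: force password reset for {', '.join(accounts)}")
```

The returned account list is the useful part for response: those are the users whose reused password is now known to work and should be reset.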

2. Posted by Peter (Admin 6778 posts) 2w

An update on this. I've added extra checks on login which hopefully will block these attempts and restored the ability to log in on the site for now. I'll be watching this closely. Hopefully it doesn't cause any problems logging in for genuine users.

3. Posted by hennaonthetrek (Full Member 132 posts) 2w

I could log in, still debating changing the password or not.. I literally changed it a week or so ago..

4. Posted by Peter (Admin 6778 posts) 2w

You should be fine providing it's a unique password.

A lot of the accounts were older and most likely using the same password across multiple services, which is how this kind of thing can happen. More critical services (i.e., banking) use things like two-factor authentication to guard against such attacks, but that seems like overkill for a service like this. I think most people would find it annoying. Then again, maybe it's worth doing for those people who want the extra security.

5. Posted by leics2 (Travel Guru 937 posts) 2w

>maybe it's worth doing for those people who want the extra security.

I agree that two-factor authentication seems like complete overkill for a site like this. But if there are people who are worried (?) perhaps two-factor authentication could be an optional extra which has to be actively chosen? E.g. 'Add another layer of security to your account' or 'Make your account extra-secure'?

6. Posted by hennaonthetrek (Full Member 132 posts) 2w

At least I think my password is unique, and even in the case that it's not so, I use that particular one only in here..

7. Posted by Peter (Admin 6778 posts) 2w

Yeah, when I say unique - I mean unique to you. And obviously not something super simple to guess. Though that's not what was happening in this case. I already have blocks in place to stop them just guessing every word in the dictionary. They wouldn't get very far trying that.

8. Posted by MilesTX (Budding Member 33 posts) 2w

You can google for lists of common passwords. Anyone using one of those, or re-using a password on more than one site, is more likely to get hacked.

9. Posted by Beausoleil (Travel Guru 1216 posts) 1w

That's a great website for checking, Peter. I gave it to everyone in our family. Thanks.