SubOperator Posted April 30, 2020 Share Posted April 30, 2020 Today I was cleaning my spam folder and found a demand for ransom saying they stole my passwords and what not. Listed my Legacygt.com password as proof, I only used that combination here. Nothing happened this far but I changed the pass just in case. 2005 LGT Wagon Limited 6 MT RBP Stage 2 - 248K 2007 B9 Tribeca Limited DGM - 258K SOLD - 2005 OB Limited 5 MT Silver - 245K SOLD - 2010 OB 6 MT Silver - 205K Link to comment Share on other sites More sharing options...
rhino6303 Posted April 30, 2020 Share Posted April 30, 2020 Today I was cleaning my spam folder and found a demand for ransom saying they stole my passwords and what not. Listed my Legacygt.com password as proof, I only used that combination here. Nothing happened this far but I changed the pass just in case.I've been saying for a long time that it bothers me that the site is not secure (http vs https). Now I need to change my password. Link to comment Share on other sites More sharing options...
cww516 Posted May 1, 2020 Share Posted May 1, 2020 I think I got that same email- I figured it was a remnant of when Comcast lost a bunch of account info a couple years ago (because I reuse passwords like a noob), but that's the same password I use here as well. I'll see what has to be done about putting up an announcement about changing passwords. Link to comment Share on other sites More sharing options...
Infosecdad Posted May 1, 2020 Share Posted May 1, 2020 You can enter your email address into https://haveibeenpwned.com/ It's a legit site run by the security researcher Tony Hunt. If they know about any breaches with your email in them, they'll tell you. It may be like what cww516 said, that it's the same password from another site. Since this site is http, it's seriously at risk for malware injection for drive-bys and password theft. If you all need help getting a cert setup for it, I'm game to spend a little time to help. Link to comment Share on other sites More sharing options...
SBT Posted May 1, 2020 Share Posted May 1, 2020 This site has been setup on a secure server for the past four years in a well-managed and protected (as well as anything can be protected in the civilian sector) data center. Note the https:// in our address. - Pro amore Dei et patriam et populum - Link to comment Share on other sites More sharing options...
Infosecdad Posted May 1, 2020 Share Posted May 1, 2020 Ah, I see that now; Chrome has changed to hiding the protocol, but has an "i" to indicate it doesn't like something. https://www.ssllabs.com/ssltest/analyze.html?d=legacygt.com&hideResults=on Looks like Chrome is fussing about supporting TLS 1.0 and TLS 1.1 and a number of weak cipher suites in the TLS 1.2. Thanks for all you do for this site! Link to comment Share on other sites More sharing options...
dgoodhue Posted May 1, 2020 Share Posted May 1, 2020 Most forum passwords were all hacked in 2014, so it isn't surprising. I fortunately had already revamped my password structure. All my forums I signed up for have a generic forum password. I get those emails too. Good luck getting any real information from that. Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now