• Effective immediately we will be deleting, without notice, any negative threads or posts that deal with the use of encryption and streaming of scanner audio.

    We've noticed a huge increase in rants and negative posts that revolve around agencies going to encryption due to the broadcasting of scanner audio on the internet. It's now worn out and continues to be the same recycled rants. These rants hijack the threads and derail the conversation. They no longer have a place anywhere on this forum other than in the designated threads in the Rants forum in the Tavern.

    If you violate these guidelines your post will be deleted without notice and an infraction will be issued. We are not against discussion of this issue. You just need to do it in the right place. For example:
    https://forums.radioreference.com/rants/224104-official-thread-live-audio-feeds-scanners-wait-encryption.html

Security Incident - Please Change Your Password

Status
Not open for further replies.

TailGator911

Member
Premium Subscriber
Joined
Feb 12, 2005
Messages
1,811
Location
Fairborn, OH
Well, it's a good thing I saw this thread and went in and changed my password. I noticed my Premium Subscription had expired while I was on vacation! So, done and done. :)

JD
kf4anc
 

N0ZQR

Member
Premium Subscriber
Joined
Feb 16, 2003
Messages
208
I have done so and now I can’t login at all what do I need to do?
 

wbswetnam

Member
Premium Subscriber
Joined
Oct 11, 2005
Messages
1,584
Location
DMR-istan
So, do I also need to log out and log back into my Broadcastify account for my online feed?
 

DaveNF2G

Member
Premium Subscriber
Joined
Jan 23, 2001
Messages
9,276
Location
Rensselaer, NY
In a short time, any unchanged passwords will be "expired" by the system. Then you can change it right at the login prompt.
 

simpilo

Member
Joined
Sep 18, 2018
Messages
663
Location
Oklahoma City,OK
Just because I have no camera on the computer for the perverted hacker I have changed my password. Takes a badly twisted sick mentally ill person to fabricate such emails and as sick in the head to hack people's websites for that pedophile purpose. I pray that individual gets thrown in prison.:mad:
 

V_A_R_I_A_B_L_E

Member
Premium Subscriber
Joined
Aug 23, 2011
Messages
52
Location
Portland, OR
1. To reply in this thread, I was apparently able to log in with the same username (not my actual email address, in case that makes a difference) and password, and I was not prompted that my credentials had expired or that I needed to change to a new password. Is that correct? Do some people here type their full email address into the "username" field when logging in?

2. As also asked in post #43 by wbswetnam, will I need to log out of and back into my streaming feed that I'm currently providing/will the "auto expiration" plan (that, as I mentioned above, hasn't seemed to work on me) interrupt my streaming feed?

3. Does this incident also mean I need to beware of my changing login credentials for the trouble ticket system at radioreference.Zendesk.com? Or is this vulnerability limited to only the radioreference.com domain?

Thanks.
 

blantonl

Founder and CEO
Staff member
Joined
Dec 9, 2000
Messages
9,231
Location
San Antonio, TX
1) Access your account at Your Account - you will be prompted to change your password there if your password needs changed

2) Yes, at some point you'll need to restart your feed to save the new login/password if you want it to properly auto-reconnect.

3) No change needed for Zendesk.
 

V_A_R_I_A_B_L_E

Member
Premium Subscriber
Joined
Aug 23, 2011
Messages
52
Location
Portland, OR
Ok, be advised that the link you posted (Your Account) does indeed prompt me to change my password, but clicking the "Log In" button (Log in) in the upper right of the screen while viewing this forum page did not...this allowed me to successfully log in with my old credentials. Clicking my own username (https://forums.radioreference.com/account/) in the upper right after I've already logged in also does not prompt me to change my password, just fyi.
 

GTR8000

Well Known Member
Database Admin
Joined
Oct 4, 2007
Messages
7,445
Location
BEE00
Note that 2FA only applies to the forums; there is no 2FA currently available for the main RR login, or the wiki login, or Broadcastify login. Xenforo only. Still, it's better than nothing.
 

Firekite

Member
Premium Subscriber
Joined
Apr 2, 2019
Messages
182
MD5 has been broken for nearly a decade. It’s perplexing and disappointing that a site like this would use it for password hashes, unsanitized SQL insertion 101 vulnerabilities aside. Hopefully others take note and catch up. Even SHA1 has been deprecated for a couple of years now.
 

N2AL

Member
Joined
Apr 11, 2008
Messages
416
Location
Tennessee
I am very much displeased with RR!!! I never received ANY type of communication about my personal information, email and password, being compromised. RR could have at least sent an email, but saying how I am only now receiving messages with my password, I would make a strong assumption our information is being sold on the dark web.
 
Status
Not open for further replies.
Top