Account assault?

[deadly]

When I logged in this morning, it initially rejected me saying that I'd exceeded the number of login attempts and redirected me to a "captcha". I knew I hadn't as my last login was fine yesterday.

Is it possible that there's been account hacking attempts?

[Easilyconfused]

I guess anything is possible. I am not aware of any issues at the moment but to be on the safe side I would direct your question to support@atomic-systems.com and let one of the admins look at it.

Please give as much details as possible when emailing. I will be talking to one of the admins tonight so I will mention it as well.

[bigvern]

I just had the same thing happen to me, admittedly logging in from work. So maybe it is an issue with the forum software.

Logged out then logged back in to post this and worked without the extra security measure.

It's the first time in 8 odd years of using UKTS that I've encountered this though.

[AndyM77]

Just adding a "Me Too!"

Usually I keep my site cookies for around a week or so, and today just happened to be a day when I needed to log in (due to clearing a weeks worth of cache), 'Too many logins' and had to input a capatcha (think that's what those stupid text box things are called).

[Easilyconfused]

Thanks for the continuing input. It is being looked at but can anyone affected drop a line to support@atomic-systems.com please ? The more information we have the better.

[AndyM77]

Email sent

[stephenholmes]

Good evening everyone
I had this on Thursday
I typed in my password and a message said I'd exceeded the number of log in attempts
I will contact support although it hasn't occurred since
Kind regards Stephen

[rufuskins]

Ditto earlier this evening!

Message sent to support. No repeat this time.

Alec

[NeutronIC]

Looks like it might have been related to this:

http://www.phpbb.com/community/viewtopic.php?t=1947925

If your password is weak then I would recommend resetting it to something new. If you got the captcha request then the chances are that your account was more than likely NOT breached. If you didn't, it doesn't mean it was breached (it simply might not have been attacked) - however I would recommend a password change just to make sure.

Happily the amount of damage any one doing an attack like this could do was extremely minimal other than put spam on the forums.

Matt.

[AndyM77]

Thankyou for the information Matt

[bigvern]

Changing password now...

Except I can't seem to fnd the function to do so in the UCP?

[NeutronIC]

You can't use the forum features to change passwords as the account management is outsourced to the main site.

Go to the main ukts site and look for "update my info" buried somewhere down the left hand side. One day I really need to make it a bit more obvious, it's well hidden right now

Matt.

[dorlan]

Alternatively:...

http://www.uktrainsim.com/common/updateuser.php?

[Easilyconfused]

I am aware of a number of tickets received in the last hour on the support system. I am trying to get in touch with an admin to get the situation looked at.

[NeutronIC]

This is an occasional gremlin that bites the site where the database just rejects all account verifications - a quick restart fixes it and I've now done that and verified I can log in.

If you *now* can't get in then please let us know.

Matt.