Follow along with the video below to see how to install our site as a web app on your home screen.
Note: This feature may not be available in some browsers.
Normal
Not long ago I had contact with Troy Hunt of https://haveibeenpwned.com about the mass of account databases that have been breached lately. Especially vbulletin forums. Troy can hardly keep up with the amount of databases that are available on the net. Here are the latest breaches: https://feeds.feedburner.com/HaveIBeenPwnedLatestBreachesThere now are billions of account name & passwords combinations that hackers have access to. All they need to do is to query xenforo to see which of these exist on a site. Which can currently be done without limit. Then half of the work is done and the related passwords for those accounts can be tried with 4 attempts, but they only need one try per account to see if the password matches.I think it would be a good move if xenforo would treat this partial vulnerability as an important issue.
Not long ago I had contact with Troy Hunt of https://haveibeenpwned.com about the mass of account databases that have been breached lately. Especially vbulletin forums. Troy can hardly keep up with the amount of databases that are available on the net. Here are the latest breaches: https://feeds.feedburner.com/HaveIBeenPwnedLatestBreaches
There now are billions of account name & passwords combinations that hackers have access to. All they need to do is to query xenforo to see which of these exist on a site. Which can currently be done without limit. Then half of the work is done and the related passwords for those accounts can be tried with 4 attempts, but they only need one try per account to see if the password matches.
I think it would be a good move if xenforo would treat this partial vulnerability as an important issue.
We use essential cookies to make this site work, and optional cookies to enhance your experience.
See further information and configure your preferences