How to Protect Your Site from Crackers

[Simpsons Rule]

Some people have problems with their ProBoards accounts being cracked. That is, someone manages to get their password and then messes up their site. There are a few simple rules that will help prevent this from hapening.

First, never use the same password twice. If you register at another forum, don't use the same password as your forum. The other person could always just change your e-mail address, click Forgot Password and get it that way. Always use a new password.

Also, make sure that password is random. The best way I've been able to make passwords is to create a sentence, with numbers, and use the first letter of each word as the sentence. For example, if my sentence was:

Today, the 7 of February, I made this post.

My password would be Tt7oFImtp. If you want to make it even more secure, use this site to get a random password made for you:

javascript.internet.com/passwords/password-generator.html

Make sure the character limit is set high. 8 or 10 should be enough.

Make sure you don't use the password to your account for password protected Boards, and don't give your Admins or G. Mods access to your Admin account. Also, make sure your staff follows these instructions as well. If even one staff account gets cracked, the entire site can go down.

Also, make sure you have a just as secure password on your e-mail account as you do for your ProBoards account. People can click Forgot Password and then crack into your e-mail account for the e-mail.

I suggest all Staff Hides their e-mail addresses in their profile, and a new, universal e-mail address is created just for the site. Register the site with the e-mail address, and use it for contacting you. That way it won't get spammed and it'll be secure.

[Dan Riordan ©]

Hi Simpsons.

When someone log into their account and click on the 'Always Stay Logged In', is it possible for a cracker to still access your account?

[Simpsons Rule]

Yes. Clicking Always Stay Logged In creates a perminant cookie on your computer that has your log in information (username and password). This doesn't really change anything about your account, so it can still be cracked.

[Silkstar]

Hackers can't do the e-mail address thing cause now we have activation keys.

[JZSquared]

silkstar said:

Hackers can't do the e-mail address thing cause now we have activation keys.

This was made during version 3 of Proboards.

[Mickcy©®]

jzsquared said:

silkstar said:

Hackers can't do the e-mail address thing cause now we have activation keys.

This was made during version 3 of Proboards.

Yes,
But when you register on a forum then you get a activation key BUT with your password and username.
I register with my main email and then change it to a special if you change your email you get again a activation key but WITHOUT your password or username or both then they can´t look in your profile for your email and then try hack in into your email.
I use that but every one haves its own ways to protect his/her account.

[JZSquared]

mickcy said:

jzsquared said:

This was made during version 3 of Proboards.

Yes,
But when you register on a forum then you get a activation key BUT with your password and username.
I register with my main email and then change it to a special if you change your email you get again a activation key but WITHOUT your password or username or both then they can´t look in your profile for your email and then try hack in into your email.
I use that but every one haves its own ways to protect his/her account.

Or you could always choose to hide your email on the message boards you're on. Plus you should always remember to change your passwords frequently and to something that is alpha numeric mixed so it's harder to figure out. And never make it anything that anyone can find out like your mothers maiden name or birthdays or anything like. Pick something that no one would think you would ever use and that should protect you. There are also password generators online if you want to look them up on your favorite search engine. They can only get into your account if they can figure out your password.

[Mickcy©®]

Hotmail has a good password checker, accountservices.passport.net/reg.srf?id=2&sl=1&lc=1033
I suggested that you use random characters and at least 10 characters and change so once every week or 2.
If you make it 14-20 characters then its impossible to crack(if you keep changing it yes) Unless you tell someone your pass, then your screwed.
A good password takes months to crack.
I found a faq somewhere about how to prevent your forum from being cracked, spammersforum.proboards49.com/index.cgi?board=prospam&action=display&thread=1129392011

Oh before I forget(what I almost did)

Hackers can't do the e-mail address thing cause now we have activation keys.

Its crackers not hackers, crackers just get somehow your password by guessing it or using a password cracker.
Hackers can get into your computer and plant for example a virus or spyware(I'm not going into details of how they do it) and they can gain FTP access.
But almost all real hackers are good (many people say that they can hack but they can't or they are script kiddies(n00bs))

[JZSquared]

Yeah I heard somewhere that Proboards is virtually impossible to hack, though I'm sure that a high level hacker could do it, but they wouldn't want to waste their time. And yeah you can put that link in the post, I don't mind and I don't know why anyone else would. I mean it's relevant to what we're talking about, it's not like it's malicious or spamming.

[demosthenes]

Thanks tath really do es help and wow I've screwed up.

[JZSquared]

demosthenes said:

Thanks tath really do es help and wow I've screwed up.

How have you "screwed up"?

[rob]

admin said:

Today, the 7 of February, I made this post.

My password would be Tt7oFImtp.

That's actually a really good idea. Probably put a few numbers after it as well to make it harder to crack.