Security issue- password reset itself at 00:00AM

Questions and Answers : Web site : Security issue- password reset itself at 00:00AM
Message board moderation

To post messages, you must log in.

AuthorMessage
Crun-chi
Volunteer tester
Avatar

Send message
Joined: 3 Apr 99
Posts: 174
Credit: 3,037,232
RAC: 0
Croatia
Message 1119203 - Posted: 19 Jun 2011, 23:54:30 UTC
Last modified: 20 Jun 2011, 0:07:41 UTC

Hi, I have next problem. I sow that my gmail address was accesed from other country, and last two days password on all Boinc projects reset itself at 00:00 AM ( or near this time). So I login with auth number, chaged it , and after 24 hours when I try login it says password is invalid. How to solve this?
Now I change e-mail and password to post this. Can someone of site admins look at log and see from what location /ip reseting of password is coming?
Thanks
ID: 1119203 · Report as offensive
Crun-chi
Volunteer tester
Avatar

Send message
Joined: 3 Apr 99
Posts: 174
Credit: 3,037,232
RAC: 0
Croatia
Message 1119342 - Posted: 20 Jun 2011, 13:22:53 UTC - in response to Message 1119203.  

UPDATE: Password are chaged, I log in using auth method.
So please, can one of system admin help me?
thanks
I am cruncher :)
I LOVE SETI BOINC :)
ID: 1119342 · Report as offensive
Profile Jord
Volunteer tester
Avatar

Send message
Joined: 9 Jun 99
Posts: 15184
Credit: 4,362,181
RAC: 3
Netherlands
Message 1119349 - Posted: 20 Jun 2011, 13:40:46 UTC - in response to Message 1119342.  
Last modified: 20 Jun 2011, 13:41:49 UTC

Any Seti administrator won't be into office for another hour or two. Remember that they live on Californian time and only come in at around 9am local time, 8am at the earliest. You have to subtract 9 hours from your own local time to get to the correct time in Berkeley. So, it's only 6:40am over there.

I did email them to ask to check this thread. You'll need some further patience.
ID: 1119349 · Report as offensive
Profile skildude
Avatar

Send message
Joined: 4 Oct 00
Posts: 9541
Credit: 50,759,529
RAC: 60
Yemen
Message 1119405 - Posted: 20 Jun 2011, 15:50:22 UTC - in response to Message 1119349.  

In the mean time you should be doing a thorough virus and malware scan. You probably have something onboard your computer where someone or something can read your keystrokes or use your computer remotely


In a rich man's house there is no place to spit but his face.
Diogenes Of Sinope
ID: 1119405 · Report as offensive
Crun-chi
Volunteer tester
Avatar

Send message
Joined: 3 Apr 99
Posts: 174
Credit: 3,037,232
RAC: 0
Croatia
Message 1119406 - Posted: 20 Jun 2011, 15:50:59 UTC - in response to Message 1119349.  
Last modified: 20 Jun 2011, 16:20:35 UTC

Since I refformated hard disc, then use another new hard disc, and install OS there is no chance that some "evil thing" is on my computer. But still passwords are changed. I think I found weak spot, but I will not about that on this board. Still waiting that someone from site admins contact me.
Thanks
I am cruncher :)
I LOVE SETI BOINC :)
ID: 1119406 · Report as offensive
Crun-chi
Volunteer tester
Avatar

Send message
Joined: 3 Apr 99
Posts: 174
Credit: 3,037,232
RAC: 0
Croatia
Message 1119407 - Posted: 20 Jun 2011, 15:52:23 UTC - in response to Message 1119405.  
Last modified: 20 Jun 2011, 16:19:59 UTC

In the mean time you should be doing a thorough virus and malware scan. You probably have something onboard your computer where someone or something can read your keystrokes or use your computer remotely

skilldude, I use new hard disc and do fresh install , so that cannot be case :(
I am cruncher :)
I LOVE SETI BOINC :)
ID: 1119407 · Report as offensive
Profile skildude
Avatar

Send message
Joined: 4 Oct 00
Posts: 9541
Credit: 50,759,529
RAC: 60
Yemen
Message 1119408 - Posted: 20 Jun 2011, 15:53:18 UTC - in response to Message 1119407.  

I see that now


In a rich man's house there is no place to spit but his face.
Diogenes Of Sinope
ID: 1119408 · Report as offensive
Crun-chi
Volunteer tester
Avatar

Send message
Joined: 3 Apr 99
Posts: 174
Credit: 3,037,232
RAC: 0
Croatia
Message 1119463 - Posted: 20 Jun 2011, 19:15:21 UTC

Anyone?
I am cruncher :)
I LOVE SETI BOINC :)
ID: 1119463 · Report as offensive
Profile David Anderson
Volunteer moderator
Project administrator
Project developer
Project scientist
Avatar

Send message
Joined: 13 Feb 99
Posts: 173
Credit: 502,653
RAC: 0
Message 1119607 - Posted: 21 Jun 2011, 5:58:43 UTC - in response to Message 1119463.  

I changed the authenticator of your account.
Please email Jord to get this from him.
Then use it to log on and reset your email address and password.

-- David
ID: 1119607 · Report as offensive
Profile Jord
Volunteer tester
Avatar

Send message
Joined: 9 Jun 99
Posts: 15184
Credit: 4,362,181
RAC: 3
Netherlands
Message 1119636 - Posted: 21 Jun 2011, 8:09:21 UTC
Last modified: 21 Jun 2011, 8:11:21 UTC

Crun-chi, I have your new authenticator.
I did PM you my email address, but it's possible that the bad guy changed your email address & password, so now you're locked out of your account as the authenticator won't be the same.

If you can't log in to your present account, you need to make a new one for temporary use. I will PM you the email address of choice then on that account.

You will have to detach from Seti with your computer(s) as well, as they use a non-existing authenticator now. Yes, any work you have in progress will get lost, but that can't be helped at this stage. You can reattach to your account (the same one with all the credit) at a later stage, after we locked the bad guy out.

You can post on these help desk forums with a new account with no credit/no RAC. I think you can also PM with it, test that out please.
ID: 1119636 · Report as offensive
Profile BilBg
Volunteer tester
Avatar

Send message
Joined: 27 May 07
Posts: 3720
Credit: 9,385,827
RAC: 0
Bulgaria
Message 1119957 - Posted: 22 Jun 2011, 11:42:54 UTC - in response to Message 1119636.  
Last modified: 22 Jun 2011, 11:54:37 UTC


I think it will be good to wait for Crun-chi to attach his computer to the new "empty" account.
This way he will prove the new account is in fact his and not of some cheater.

After you see the same computer details:
http://setiathome.berkeley.edu/show_host_detail.php?hostid=5923060

... listed on the new "empty" account you will be more confident who do you contact by PM or email.


@Crun-chi
I suggest you to refrain from checking (log-in) your account using public places or your "friend's" computers.

Use only your computer's browser (Google Chrome is notorious to not protect in any way the saved passwords)
and for now don't give others physical access to your computer (e.g. at party).


 


- ALF - "Find out what you don't do well ..... then don't do it!" :)
 
ID: 1119957 · Report as offensive
Profile Gundolf Jahn

Send message
Joined: 19 Sep 00
Posts: 3184
Credit: 446,358
RAC: 0
Germany
Message 1119967 - Posted: 22 Jun 2011, 12:58:45 UTC - in response to Message 1119957.  

@Crun-chi
I suggest you to refrain from checking (log-in) your account using public places or your "friend's" computers.

Use only your computer's browser (Google Chrome is notorious to not protect in any way the saved passwords)
and for now don't give others physical access to your computer (e.g. at party).

That's all good advice but useless if something happens to you as did to NATE1 (someone dug up the cable and spliced in some device). See here :-(

Gruß,
Gundolf
ID: 1119967 · Report as offensive
Profile skildude
Avatar

Send message
Joined: 4 Oct 00
Posts: 9541
Credit: 50,759,529
RAC: 60
Yemen
Message 1125125 - Posted: 6 Jul 2011, 15:15:01 UTC - in response to Message 1119967.  

that would seem to be an extreme case of dumb hacking


In a rich man's house there is no place to spit but his face.
Diogenes Of Sinope
ID: 1125125 · Report as offensive

Questions and Answers : Web site : Security issue- password reset itself at 00:00AM


 
©2024 University of California
 
SETI@home and Astropulse are funded by grants from the National Science Foundation, NASA, and donations from SETI@home volunteers. AstroPulse is funded in part by the NSF through grant AST-0307956.