closing tag is in template navbar
Time Factors Watches



TZ-UK Fundraiser
Results 1 to 24 of 24

Thread: Failed login notification on my tz-uk account

  1. #1

    Failed login notification on my tz-uk account

    I received an email this afternoon to tell me that my tz-uk account had been locked because someone had tried (incorrectly) 5 times to put in a password. It was not me. The email told me what IP address was used for this.

    What should I do? Now it is unlocked again, but should I be taking security precautions? They donít seem to have hacked my password and I canít see that they have posted anything in my name. Is there any point in trying to track down the IP address and, if so, how?

    Thanks for any tips and sorry if this has been covered before.

    Thanks

    Ben


    Sent from my iPhone using Tapatalk

  2. #2
    Master
    Join Date
    Oct 2012
    Location
    Hertfordshire
    Posts
    2,248
    Blog Entries
    1
    I'm no computer security expert, but in light of a few TZers having their accounts hacked in the past, I would make sure I had a very secure password - the sort with a variety of numbers, upper and lower case letters and some 'special' characters.

  3. #3
    Grand Master wileeeeeey's Avatar
    Join Date
    Jan 2017
    Location
    N/A
    Posts
    11,462
    Sometimes this is Tapatalk I think.

    Worth checking something like https://whois.domaintools.com/ to see if the IP was vaguely local, at least UK.

  4. #4
    Quote Originally Posted by bmpf View Post
    I received an email this afternoon to tell me that my tz-uk account had been locked because someone had tried (incorrectly) 5 times to put in a password. It was not me. The email told me what IP address was used for this.

    What should I do? Now it is unlocked again, but should I be taking security precautions? They donít seem to have hacked my password and I canít see that they have posted anything in my name. Is there any point in trying to track down the IP address and, if so, how?

    Thanks for any tips and sorry if this has been covered before.

    Thanks

    Ben


    Sent from my iPhone using Tapatalk
    What was the IP address?

  5. #5
    Quote Originally Posted by jools View Post
    What was the IP address?
    212.187.124.203


    Sent from my iPhone using Tapatalk

  6. #6
    Grand Master wileeeeeey's Avatar
    Join Date
    Jan 2017
    Location
    N/A
    Posts
    11,462
    Quote Originally Posted by bmpf View Post
    212.187.124.203


    Sent from my iPhone using Tapatalk
    Amsterdam

  7. #7
    Grand Master Raffe's Avatar
    Join Date
    Feb 2012
    Location
    LŽtzebuerg
    Posts
    28,505
    Quote Originally Posted by bmpf View Post
    212.187.124.203


    Sent from my iPhone using Tapatalk
    That was Daddel.

    https://iplocationtools.com/212.187.124.203
    Someone who lies about the little things will lie about the big things too.

    Terry McAuliffe

  8. #8
    Grand Master Raffe's Avatar
    Join Date
    Feb 2012
    Location
    LŽtzebuerg
    Posts
    28,505
    On a serious note, unless you posted your email somewhere on the forum, I find these hacking attempts puzzling. Obviously there are many email/password combinations from the various data hacks in circulation and I can see how it is tempting for people to try these on various sites, knowing that many people will still use the same password across a number of sites. However, as TZ-UK to the best of my knowledge does not accept email addresses but only user names, it is difficult to see how the email/password combo could be matched to your user ID.

    But then I do not believe in coincidence, it's not like those people just take a random user and try five random passwords - they must have something in their possession why they are targeting you. Was there a security incident at another forum/site where you are using the same user name? Any other way to link your username with your email?

    In any case, a good idea to change your password.
    Someone who lies about the little things will lie about the big things too.

    Terry McAuliffe

  9. #9
    I see that ip address appears on three blacklists but is not on 50+ others. I'm never sure about the significance of an ip appearing on just a few blacklists, anyone know about these things?

  10. #10
    Grand Master Raffe's Avatar
    Join Date
    Feb 2012
    Location
    LŽtzebuerg
    Posts
    28,505
    I just realised that you are living in Amsterdam?

    Suppose you can look for the perpetrator in your private surroundings.
    Someone who lies about the little things will lie about the big things too.

    Terry McAuliffe

  11. #11
    Master PhilipK's Avatar
    Join Date
    Aug 2010
    Location
    Hampshire, UK
    Posts
    3,858
    Quote Originally Posted by jools View Post
    What was the IP address?
    IP address is an irrelevance. It can easily be obfuscated (e.g. by NAT) or disguised (e.g. by using a VPN), and doesn't really tell you anything.

    Quote Originally Posted by Raffe View Post
    But then I do not believe in coincidence, it's not like those people just take a random user and try five random passwords - they must have something in their possession why they are targeting you.
    Or it might just be finger trouble or a glitch, and not be a targeted attack.

  12. #12
    Quote Originally Posted by PhilipK View Post
    IP address is an irrelevance. It can easily be obfuscated (e.g. by NAT) or disguised (e.g. by using a VPN), and doesn't really tell you anything.


    Or it might just be finger trouble or a glitch, and not be a targeted attack.
    Genuine question: when I get a report from a website telling me the IP addresses of all the failed logins that have occurred, is there any point blocking them?

  13. #13
    Grand Master Raffe's Avatar
    Join Date
    Feb 2012
    Location
    LŽtzebuerg
    Posts
    28,505
    Quote Originally Posted by jools View Post
    Genuine question: when I get a report from a website telling me the IP addresses of all the failed logins that have occurred, is there any point blocking them?
    Most of the IPs will be shared addresses from the large ISP providers, no point blocking them.

    The real bad boys will work with obfuscation anyway, the chances to catch them via their IP are very low.

    IP addresses in the public internet are overrated as an identifier.
    Someone who lies about the little things will lie about the big things too.

    Terry McAuliffe

  14. #14
    Master M1011's Avatar
    Join Date
    Jun 2020
    Location
    London, England
    Posts
    1,502
    Quote Originally Posted by JonRA View Post
    I'm no computer security expert, but in light of a few TZers having their accounts hacked in the past, I would make sure I had a very secure password - the sort with a variety of numbers, upper and lower case letters and some 'special' characters.

  15. #15
    Are you sure itís not your own IP? Sometimes Tapatalk does that.

  16. #16
    Grand Master Raffe's Avatar
    Join Date
    Feb 2012
    Location
    LŽtzebuerg
    Posts
    28,505
    Quote Originally Posted by M1011 View Post
    Nice theory, but in reality most websites demand passwords with capital letters, numbers and symbols.

    Best is to use a password manager and create long unique strings (12+ characters).
    Someone who lies about the little things will lie about the big things too.

    Terry McAuliffe

  17. #17
    Master M1011's Avatar
    Join Date
    Jun 2020
    Location
    London, England
    Posts
    1,502
    Quote Originally Posted by Raffe View Post
    Nice theory, but in reality most websites demand passwords with capital letters, numbers and symbols.

    Best is to use a password manager and create long unique strings (12+ characters).
    It's not a theory, it's a mathematical fact

    That many websites demand passwords with capital letters, numbers and symbols is the point the image is illustrating. We've taught people to use passwords that are easier to crack and harder to remember.

    Password managers are a good/convenient alternative, albeit they have their downsides too.

  18. #18
    Grand Master Raffe's Avatar
    Join Date
    Feb 2012
    Location
    LŽtzebuerg
    Posts
    28,505
    Quote Originally Posted by M1011 View Post
    It's not a theory, it's a mathematical fact

    That many websites demand passwords with capital letters, numbers and symbols is the point the image is illustrating. We've taught people to use passwords that are easier to crack and harder to remember.

    Password managers are a good/convenient alternative, albeit they have their downsides too.
    I use 18 character strings with capitals, numbers and symbols and these are better than 20 character strings made from minor letters.

    That is a mathematical fact.
    Someone who lies about the little things will lie about the big things too.

    Terry McAuliffe

  19. #19
    Master M1011's Avatar
    Join Date
    Jun 2020
    Location
    London, England
    Posts
    1,502
    Quote Originally Posted by Raffe View Post
    I use 18 character strings with capitals, numbers and symbols and these are better than 20 character strings made from minor letters.

    That is a mathematical fact.
    Not if your starting point is zero knowledge of the password. In that instance, the computer will be checking every variation, and 20 is longer than 18. There's no reason to take the assumption someone has only used minor letters.

    I also suspect many folk using an "18 character string with capitals, numbers and symbols" aren't remembering the password themselves. They're either using the same one in lots of places (introduces vulnerability) or they're relying on 3rd party password storage (introduces vulnerability). Not saying you specifically, just generally.

    Anyway if you're interested, check out the opinion of the guy who wrote the book on passwords: https://www.wsj.com/articles/the-man...1-d-1502124118

  20. #20
    Grand Master Mr Curta's Avatar
    Join Date
    May 2014
    Location
    Mainly UK
    Posts
    13,915
    Both methods have strengths and weaknesses, and if used correctly they are both impenetrable to attack by almost all hostile actors. The problems occur when users compromise that integrity such as by repeating passwords across multiple sites, using 'random' words that have specific relevance to themselves or using a poorly protected vault.
    Inform - Educate - Entertain

  21. #21
    Right, Iíve just finished changing all my passwords to correcthorsebatterystaple.

    Dunno what Iíd do without this place sometimes 👍

  22. #22
    Grand Master Mr Curta's Avatar
    Join Date
    May 2014
    Location
    Mainly UK
    Posts
    13,915
    Quote Originally Posted by JGJG View Post
    Right, Iíve just finished changing all my passwords to correcthorsebatterystaple.

    Dunno what Iíd do without this place sometimes 
    I'd still write it down somewhere just in case. The last page of a notebook is safe, nobody ever thinks to look there.
    Inform - Educate - Entertain

  23. #23
    Quote Originally Posted by Mr Curta View Post
    I'd still write it down somewhere just in case. The last page of a notebook is safe, nobody ever thinks to look there.
    Iím thinking I could add some more bits-and-pieces of hen trophies by doing mirror writing, or invisible ink.


  24. #24
    Grand Master Mr Curta's Avatar
    Join Date
    May 2014
    Location
    Mainly UK
    Posts
    13,915
    Quote Originally Posted by JGJG View Post
    ...bits-and-pieces of hen trophies...
    I'm going to be using that.
    Inform - Educate - Entertain

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

Do Not Sell My Personal Information