Due to a security breach we are resetting all passwords across Mumsnet

[RebeccaMumsnet]

Following the recent security breach related to Heartbleed we are reseting the passwords of all users.

On Saturday 12 April, we will remove all passwords from our system and to use the site, you'll need to reset your password by clicking on the password reset link.

Type in your email address and click the 'Request reset' button and you will receive a mail to your Mumsnet registered email account. (You will need to click on the link in the mail within 30 minutes of receiving it, without changing the device you're using i.e swapping from phone to laptop, or you'll need to request a further reset).

If you do not receive a mail, please check you spam folder. The password reset mail will come to the email you used when you first registered with Mumsnet.

If you don't receive or can't access your reset mail, please [email protected] for help.

We are very sorry for all the fuss. We want to assure you that we followed all the published steps to protect members' security as soon as we became aware of the heartbleed security risk, but it seems that the breach occurred prior to that risk becoming known.

Most importantly, if you use the same password here as elsewhere, we strongly recommend you change your password on the other sites too.

Thanks,

Justine & the MNHQ team

We will try to get to the bottom of it, although in all honesty it's probably not going to happen tonight... sorry

FWIW we've had a couple of mails saying Hotmail and Yahoo mail both seem to be struggling tonight (with their own issues) - so it's possible that some of these non-receipt issues are to do with your email providers rather than us. But we'll try to work it out.

Rowan - I work in email marketing and database management and under ico rules you're allowed to contact people with what's classed as a 'fulfilment' type email even if they have asked not to be emailed, so you wouldn't be falling foul of spam rules if you emailed everyone :)

Well, I am going to bed.

Tomorrow will tell if the Langoliers came and ate mumsnet, or me. Or all of us. Or if Godot wrote himself into an alternative ending, and in fact arrived. (Maybe he did, when the curtains had fallen and we all left this theater)

It took me forever to change my password, it wouldn't let me do it for ages.

I thought I'd lost you all forever.

Baffled

No reset email through yet. Will have to try again tomorrow.

Yes, but it is sensible of MNHQ to do it this way, as it circumnavigates scammers making use of the situation and sending Phishing emails with links, which will cause further problems for users.

If users knows there is a thread with a link, they will maybe be more suspicious if a bulk mail saying "Dear MN member, please click on the link below to change your username" just to be taken to a copy cat site where they give away their usernames and passwords.

Users may not be able to distinguish between a scam email and a legitimate one.

This always happen in the wake of a security breach, scammers target users by sending random phishing emails to their entire list, scatter gun approach, hoping SOMEBODY will fall for it.

I've tried twice, but no email? Can't get the link to contact you to work either. Will try again tomorrow too.

Sorry Beertricks. Have It will make it better.

Who were you Friedbrain?

I took less than a minute to change. Thanks.

Maryz, I saw it at the Old Vic, with Ben Kingsley, SWOON.

Yup. It was a delight.

More edge than Death of a Salesman.

Forgive me if this has already been mentioned (people saying they couldn't remember stuff prompted me!) but I went to a cyber security event where they said you're better off writing down a really complicated password that you keep near your PC than using something easier/memorable.

Largely as the chances of being hacked are far greater than that of someone breaking into your house and logging onto your computer. Might be worth keeping in mind for those worried that they can't remember more secure passwords.

not received it either

But to make long and complicated passwords memorable, you can make your own system.

Like

Site + your first car/pet/school + random number like 893:
MumsnetTrinityHigh893
NextTrinityHigh893
HotmailTrinityHigh893

Virtually impossibly for anybody to get, but as long as you remember "your" code, and random numbers, you will be fine. You can add £$% anywhere in it.

Oslo Treaty Plan! Jan Egeland was in the UN peace keeping force.

My son had his moviestarplnt password on a piece of paper by his machine. I dont need to tell you what happened next.