MNHQ, I know you've tightened up your password rules since the recent security breach, but it strikes me that you're still vulnerable so long as you allow people to log in with their Usernames. These are easily harvestable in bulk from the talk pages, and hackers can simply run algorithms which try millions of relatively guessable passwords (simple combos of dictionary words, names, numbers and common patterns of capitalisation etc) against each one in turn.
If the option to use usernames was removed and we were forced to use our email addresses instead, then the site would be far more secure.
Please or to access all these features
Please
or
to access all these features
MNHQ have commented on this thread
Site stuff
Login security
1 reply
asneakyone · 12/09/2015 22:31
OP posts:
Please create an account
To comment on this thread you need to create a Mumsnet account.