donators

n@work Internet Informationssysteme GmbH
Your ad here

Advertising

typo3.org password leaked - CHANGE YOUR PASSWORDS

By: Thomas

14.11.08 13:40 Age: 1 yrs

Hello,

An unauthorized person gained administrative access to typo3.org backend due to a weak password of one of the backend users. The backend was NOT hacked as I wrote before.

All accounts are currently locked. Because of the single sign on solution, this also affects forge and bugs and some other domains. It's highly recommend to change all your passwords that might be similar to the password you used as your typo3.org account. To make it clear! This affects ALL frontend user accounts. Not only the backend users!

It's a really bad situation and even if the passwords where stored a md5 hashes. If you have very simple passwords (a single word for example) it is possible to get your password from a dictionary for example! So once again: 

CHANGE YOUR PASSWORDS IF THEY ARE SIMILAR TO THE TYPO3.ORG FE ACCOUNT!

 

Greets,
Thomas

 

2 Responses to “typo3.org password leaked - CHANGE YOUR PASSWORDS”

#1: Juergen Egeling commented on Saturday, 15-11-08 17:38

Gravatar: Juergen Egeling

Hi,
as far as we investigated, typo3.org was not hacked, but one password was exposed, and a person not allowed to use the backend was using a backend login. I recommend reading http://en.wikipedia.org/wiki/Social_engineering_(computer_security) and http://en.wikipedia.org/wiki/Password_policy (do not have the same pasword on two websites.)
best
Juergen


#2: Thomas commented on Saturday, 15-11-08 21:00

Gravatar: Thomas

Hi Jürgen,

yes you're right. The page was actually not hacked and I used an inappropriate wording. Changed that.

Greets,
Thomas


Calendar

November 2008
M T W T F S S
« Oct   Jan »
 12
3456789
10111213141516
17181920212223
24252627282930

Latest comments

  • Thomas

    It is! Please check the top left corner above the menu. :-) Greets, Thomas

  • Phlogi

    Could you activate the search function in doxygen? Thanks

  • Kristian

    Thanks, I have the same quicksilver setup as you describe and have just spend over an hour trying to...

  • Thomas

    Hi Gina, interesting way to contact me. ;-) Anyway, we the amazing number of 52 complete and 21 i...

  • gina

    hey thomas, shouldn't we close the survey now? could you have a look how many people took part? if ...

Advertising