Greenguy's Board


Go Back   Greenguy's Board > General Business Knowledge
Reload this Page PASSWORD SHARING ALERT TO ALL PAYSITE OWNERS!!!
Register FAQ Calendar Today's Posts

Reply
 
Thread Tools Search this Thread Rate Thread Display Modes
Old 2006-06-10, 04:33 AM   #1
frankthetank
Stupid risks make life worth living
 
Join Date: Jan 2005
Location: Renesse NL
Posts: 386
Send a message via ICQ to frankthetank
Quote:
Originally Posted by [BV]
... as 99% of shared passwords are not shared by the owner.
Thatīs interesting but I have to admit I canīt follow. If the owner of the password doesnīt share it, where do they get it from?

Is it a guess or do you think they use spy software?

Iīm not familiar with those problems because I donīt run a pasite yet, but Iīm building one. So itīs an interesting part for me.
frankthetank is offline   Reply With Quote
Old 2006-06-10, 06:19 AM   #2
spazlabz
You can now put whatever you want in this space :)
 
spazlabz's Avatar
 
Join Date: Apr 2003
Location: Bluegrass State
Posts: 963
Send a message via ICQ to spazlabz Send a message via AIM to spazlabz Send a message via Yahoo to spazlabz
Quote:
Originally Posted by frankthetank
Thatīs interesting but I have to admit I canīt follow. If the owner of the password doesnīt share it, where do they get it from?

Is it a guess or do you think they use spy software?

Iīm not familiar with those problems because I donīt run a pasite yet, but Iīm building one. So itīs an interesting part for me.
there are programs out there for people who really enjoy hacking paysites that make it very easy
hackers comes along and wants to se your content or show off that he can 'hack' a site all they need is;
the right software (extremely easy to get)
a descent sized word list
your members URL (http://www.yoursite.com/members) authorization failed provies this quickly
5 proxies (again easy to find)

you get get literally dozens of working U/Ps in under a minute esp if the site has been around for awhile. New sites are harder to hack like this.


spaz
__________________
spazlabz is offline   Reply With Quote
Old 2006-06-10, 07:25 PM   #3
[BV]
I want to set the record straight - I thought the cop was a prostitute
 
[BV]'s Avatar
 
Join Date: Dec 2004
Location: Florida
Posts: 292
Send a message via ICQ to [BV]
Quote:
Originally Posted by frankthetank
Thatīs interesting but I have to admit I canīt follow. If the owner of the password doesnīt share it, where do they get it from?

Is it a guess or do you think they use spy software?

Iīm not familiar with those problems because I donīt run a pasite yet, but Iīm building one. So itīs an interesting part for me.
Yes, basically I would classify it as a guess, that's why you do not want your members picking their own passwords.

You want to generate them a random pass. Makes it much harder for the hackers and their scripts to guess. They basically try thousands and thousands of user pass combos on your site until they find one that works. Another reason why you want to use something like proxypass. After one IP tries to log in unsuccessfully after so many times it bans that IP for a period of time.

Now as far as the old user pass, if someone tries to log in using the shared combination again, you send them to a fake members area.
__________________
BVBucks.Com
BVCash.Com
[BV] is offline   Reply With Quote
Reply

« Previous Thread | Next Thread »

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Forum Jump


All times are GMT -4. The time now is 12:24 AM.

Contact Us - Greenguy's Board - Archive - Top

Mark Read
Powered by vBulletin® Version 3.8.1
Copyright ©2000 - 2025, Jelsoft Enterprises Ltd.
Đ Greenguy Marketing Inc