Mike

No he isn't...

Sorry, I will make my password harder...

Is this still an issue?

Has the problem gone away?

Servers move is complete! Now its just tweaking things from here...

This next week, I am relocating the server due to price increases of literally 50% .... this is due to energy cost The new facility will not be much different, however does offer a better "central" geologic location being in Dallas instead of Houston. The move will start Monday & be complete hopefully Wednesday. I will keep everyone posted and starting Monday do expect some down time, especially when the server is in the car on the way to Dallas, since its not wireless.

Just on schedule, I will be moving the backup server in the new data center in a few hours & either late tonight or tomorrow afternoon I will be moving the main server as well. Expect downtime of about 1-2 hours for the drive from Fort Worth to Dallas.

Server is up in the Dallas area! It took its time, stopped for dinner, then had some indigestion afterwards... Next and final move is to its new rack, which is currently scheduled for Wednesday afternoon.

Slow... Yes the past week I have been doing a lot to prepare, backups etc. Once it gets settled in by the end of this week things should be running pretty quickly.

I was wondering if anyone had an account here & if so I could be sent a invite so I can sign up and give it a try. http://www.grandcentral.com

If we can, lets hold out on this unitl we switch to the email logins instead of username.

A backup of members has been restored... While the post and topics are the only backups done nightly due to file size, in the future complete backups of the whole IPB database will be done to include member tables. Few things to keep in mind... If you updated your email address on the board recently, you will have to re-change this. (Sorry) Member post counts will be re-calculated this weekend, however it will cause some downtime. Obviously some other things related to your member profiles may be off, consider this an opportunity to reflect on your past and think of something new.

Wow, like Apple IIe games? 5 1/4 Floppies?

Ok, so even with access to the database, you couldn't find members passwords, is that correct? You need a combination of the hash in their cookie & whats on the server.

Got my lawn chair and beer...

Any other orders while im in the kitchen?

http://www.bigroom.co.uk/blog/php-password-security The above article is interesting for those who are interested in this matter. Regarding access to the actual database on the server, I am the only one with access to the actual database, not all the admins or moderators.

Interesting information. I looked in my cookies and wasn't able to find a hash that matched whats stored on the server. However if I give you guys a hash & salt anyone thing they can break the code? I tried with a few tools & unless your password is numbers only or a single word in the dictionary you can forget trying to find it.

http://forums.invisionpower.com/lofiversio...hp/t166146.html Above is a link to some post about IPBs password security algorithms in 2005. Back then, these are near impossible to break. Today, its near impossible (by the known methods at least). I know a lot of this doesn't make sense, but basically the way currently the password algorithm works, is you have a randomly generated number on your computer stored as a cookie. This is referred to as a "salt" in the MD5 world. When you come to login this randomly generated sequence when combined with your password (in MD5 form) are combined. They equal a sum which must match the servers. So to really break in to an account password, your have to get that salt from your computer. However, as time tells us, there are always security issues with software, generally all the ones that allow people to cause trouble or account hijacks on forums are caused by text in the post. I.e. if you post special codes or commands, etc in a topic, is how most attacks are done. Also, the ONLY way to access the raw MySQL database is to be either on the server itself. This is the only place to get only part of your password in the decoded form. What I tell everyone who brings up passwords is to make up atleast 3 levels of passwords, you can do two or nine, thats up to you. Each level is for certain types of accounts. Common accounts | i.e. your TSM password is what you would want to use with all the other sites you don't care about...FaceBook, YouTube, etc. Semi-Secure/Important Accounts | i.e. Your email accounts, (Yahoo, MSN, Gmail, or ISP accounts or web hosting. Important/Criticial Accounts | Lastly, you use the 3rd level for bank information, and everything to up most importance. Your password in my opinion should ALWAYS be at least 8 characters long and include a number and a symbol. It has been proven, even if a hacker has what they need an 8 character password containing a number and symbol, given the possibilities, will take several thousand times longer to break than a name, or even worst a simple 8 digit number as a password. Also if you follow this rule, you won't have to make up more passwords because this fits the requirements of nearly every other website. i.e. Banks, ISPs, etc

To change your email do the following: Click MY CONTROLS (top right of the forums) --> Look for Change Email Address (on the left side menu, under options) --> here it will display your current email and also give you a chance to change your email. If you change it, you will have to confirm it by clicking a link in the email it sends you.

The video should be working again...

adminbot is Luke Skywalker

The two skins that were removed was the red one and the black one. It was causing too many errors on the server, not to mention the header wasn't even correct and it had other bugs too. The pro skin will be returning as soon as I fix it. I do plan on adding some other skins after all this too. If you guys run across any good ones, post them here.

The server went on strike this morning against some ram, however all is resolved now.

a 2nd Guitar Hero III for the Wii.