Thursday, November 22nd 2012

Please Reset Your TechPowerUp Forums Password

Earlier today (22/11), TechPowerUp servers were hacked. The attacker gained access to the forums user database, the one which stores user information. Details such as usernames, hashed and salted passwords fell into the wrong hands. Thanks to GPGPU, the passwords are as good as compromised. We have undertaken a security review, and are mandating a password change for all users. Your old password will not work, click on "forgot password" link and follow the instructions to reset it. If you use the same password (as your old TPU password) elsewhere (other sites), change it to something completely different. We sincerely apologize for the inconvenience, and promise to improve our security infrastructure.

If you no longer have access to the email account you used to register, please email w1zzard@techpowerup.com and mention your username, old e-mail, new e-mail and IP address you typically use to post on the forums.
Add your own comment

221 Comments on Please Reset Your TechPowerUp Forums Password

#2
Kreij
Senior Monkey Moderator
PM W1zz or maybe a supermod, Morg. Not sure who can all do that, but regular mods cannot.
Posted on Reply
#3
Morgoth-2
i did he told me to sheck my spam filters i have no idea where they are..
Posted on Reply
#4
plywood99
PW reset, thank you for the heads up on this.
Now to ask a few questions...

1) Wizz, I know what Hashed and Salted means, but maybe you could enlighten us a bit more?
What methods were used? A properly salted and hashed password table will be pretty much useless to hackers correct?

2) You mention "upgrading" to banking grade security. What grade was the security that got hacked then? Grade school basic programming?

3) Why is it that sites always wait till they are hacked then say ZOMG we better upgrade. Would it be best to wait till after I jump from an airplane to make sure I have a proper parachute?

Not trying to flame mind you, but this is quite a pisser...
Posted on Reply
#6
silkstone
Password reset, i'm kind of glad i only use a very weak, memorable, generic password for non-sensitive web sites. I try to use stronger individual passwords to any sites that can cause me damage if hacked, just in case any of the non-essential ones do.
Posted on Reply
#7
THE_EGG
Ahhhh, that's why I couldn't log in...

Thanks for the heads up. Going to change it to a different password now instead of back to my old one :)

Still trying to work out why anyone would want to hack TPU (apart from access to user emails/passwords, personal details etc) :( What has TPU ever done :cry:
Posted on Reply
#8
bmaverick
Updated, and went to 8-characters with alphanumeric and capitals. :)
Posted on Reply
#9
ColdRush
This means they have our registration emails as well? Sigh...
Posted on Reply
#10
speedpc
by: ColdRush
This means they have our registration emails as well? Sigh...
Thanks for the heads up !!! :respect: But as stated b4 should we be concerned about out changing our email address ?? Thx keep use in the loop wizzard
Posted on Reply
#11
Irony
Maybe have email addresses but not passwords; as long as you used a different password for TPU than your email account. I didn't use this password for anything else incredibly important.
Posted on Reply
#12
NutZInTheHead
da*n it. first it was Nvidia forums forced me to change password and now this.

I'm already having trouble remembering the 15 or so passwords for different sites.
Posted on Reply
#13
Irony
by: NutZInTheHead
I'm already having trouble remembering the 15 or so passwords for different sites.
Pencil and a big chief tablet. :laugh:
Posted on Reply
#14
silkstone
by: Irony
Pencil and a big chief tablet. :laugh:
I find Keepass works great, You just need to remember 1 strong password and backup the database file in a couple of places.
Posted on Reply
#15
Mindweaver
Moderato®™
Well shit! Now I have to change the password for all the sites I go too... Errr wait I only go to TechPowerup!... hehehe :toast: Good catch guys! :toast:
Posted on Reply
#16
Goodman
TPU password change done!

I also change my email password it didn't work anymore but i think it was more i who forgot the password then anything else?
I think last time i log on to this email was like a year ago lol! (rarely go see my emails specially this one)
Posted on Reply
#17
johnspack
by: Kreij
Okay, back to helping you all after that short, inspiring intermission.
Heheh, enjoyed the clip, Queen is classic!
Posted on Reply
#18
micropage7
thanks for rapid recovery of TPU


after read this
its kinda nice to have TPU back and for all the person in TPU that bring this forum back to normal again :toast: :toast: :toast:
Posted on Reply
#19
sic_doni
oooh...
that's why I can't access TPU forum this morning...

I've reset my password :D
Posted on Reply
#21
dr emulator (madmax)
by: manofthem
Ah, so this is why I couldn't log in earlier, had me worried. After submitting the Forgot Pass email, it did take a few minutes before receiving it, which also had me worried. Hopefully we are safe now

But why would anyone want to hack TPU? This is the bomb diggity. I just don't get it. :shadedshu
someone hacked a place i modded at and plastered spam all over ,

so i posted a message back where they said they were from and told them that we were going to sue them for malicious damage ,

i wish i could get hold of their pc :mad:

and in answer to why ,well because they are idiots:shadedshu

wizz take the hacker to court and take e'm to the cleaners that'd teach e'm :D
Posted on Reply
#22
dr emulator (madmax)
by: Morgoth-2
i did he told me to sheck my spam filters i have no idea where they are..
if you use msn ,sometimes it can see techPowerUp.com as spam ,(just look in your junk folder)

assuming you have a message from w1zz ,put a tick in the check-box next to the techPowerUp message ,and press the Not junk link above that mail

and that should stop any future messages from here being seen as spam :toast:
Posted on Reply
#23
Morgoth-2
i mis my account... there are no tpu mails in my junk mail, only mails i got from tpu is the ones from wizzard not the password recovery
what is the email adres used by password recovery?
Posted on Reply
#24
Morgoth
yay found the spam filters
Posted on Reply
#25
Kreij
Senior Monkey Moderator
Welcome back, Morg. lol
Posted on Reply
Add your own comment