Notices
Forum Suggestions & User Assistance Have a suggestion for the forums? Need help with the Forums? Post here.

Failed Login Notification

Old 10-30-21, 07:47 PM
  #1  
3alarmer 
Friendship is Magic
Thread Starter
 
3alarmer's Avatar
 
Join Date: Nov 2010
Location: The Big Tomato
Posts: 20,784

Bikes: old ones

Mentioned: 292 Post(s)
Tagged: 0 Thread(s)
Quoted: 23616 Post(s)
Liked 7,110 Times in 5,061 Posts
Failed Login Notification

...I got this email this morning.

Bike Forums

to me

8:03 AM (10 hours ago)


Dear 3alarmer,

Someone has tried to log into your account on Bike Forums with an incorrect password at least 5 times. This person has been prevented from attempting to login to your account for the next 15 minutes.

The person trying to log into your account had the following IP address: 2607:fb90:276a:303f:5927:f2ec:4e6c:616d

All the best,
Bike Forums
It certainly wasn't me, and I was still warm under the covers at 8:03 on a Saturday morning. Do I need to worry about it ? TIA
3alarmer is offline  
Old 11-01-21, 07:24 AM
  #2  
livedarklions
High Performance Noodler
 
livedarklions's Avatar
 
Join Date: Jun 2018
Location: New England
Posts: 13,213

Bikes: Serotta Atlanta; 1994 Specialized Allez Pro; Giant OCR A1; SOMA Double Cross Disc; 2022 Allez Elite mit der SRAM

Mentioned: 57 Post(s)
Tagged: 0 Thread(s)
Quoted: 6878 Post(s)
Liked 6,800 Times in 3,828 Posts
Originally Posted by 3alarmer View Post
...I got this email this morning.

Bike Forums

to me

8:03 AM (10 hours ago)




It certainly wasn't me, and I was still warm under the covers at 8:03 on a Saturday morning. Do I need to worry about it ? TIA

My theory is that if they failed to get in, my password is working.


You can't change the account name, so there's literally no way to stop someone from making the attempt.

Also, do not respond to that email notice or click on any links--sometimes scammers spoof notices like that to phish and it's easy to miss that you're actually communicating with a 3rd party.
livedarklions is offline  
Likes For livedarklions:
Old 11-01-21, 02:27 PM
  #3  
Iride01
MotuekaCascadeChinook
 
Iride01's Avatar
 
Join Date: Jul 2017
Location: Mississippi
Posts: 11,125

Bikes: Tarmac Disc Comp Di2 - 2020

Mentioned: 42 Post(s)
Tagged: 0 Thread(s)
Quoted: 4498 Post(s)
Liked 3,011 Times in 2,101 Posts
You might see what your phone and pc's IPv6 shows up as to others. There are some IP tool sites and sites that check how secure your firewalls and such are that can give you that info. A quick look up on that IP shows it as being in Sacramento CA.

Do you leave your phone on at night? Maybe it was doing strange things after some update it might have installed at that time.

Otherwise, I'd check the email headers and embedded links in the message to see if they look like legitimate BF links. Might be legit, or might be phishing as livedarklions warned of.
Iride01 is offline  
Old 11-02-21, 09:40 AM
  #4  
3alarmer 
Friendship is Magic
Thread Starter
 
3alarmer's Avatar
 
Join Date: Nov 2010
Location: The Big Tomato
Posts: 20,784

Bikes: old ones

Mentioned: 292 Post(s)
Tagged: 0 Thread(s)
Quoted: 23616 Post(s)
Liked 7,110 Times in 5,061 Posts
Originally Posted by Iride01 View Post
You might see what your phone and pc's IPv6 shows up as to others. There are some IP tool sites and sites that check how secure your firewalls and such are that can give you that info. A quick look up on that IP shows it as being in Sacramento CA.

Do you leave your phone on at night? Maybe it was doing strange things after some update it might have installed at that time.

Otherwise, I'd check the email headers and embedded links in the message to see if they look like legitimate BF links. Might be legit, or might be phishing as livedarklions warned of.
...I am an American Primitive. I have no smart phone, and I use only one desktop to access the forum. It is a shared computer, but I'm pretty sure it was powered down at that time on that day. But thank you for the lookup assistance. I guess if it ain't broke, I won't fix it.
3alarmer is offline  
Old 11-04-21, 12:38 PM
  #5  
RubeRad
Keepin it Wheel
 
RubeRad's Avatar
 
Join Date: Aug 2011
Location: San Diego
Posts: 9,858

Bikes: Surly CrossCheck, Krampus

Mentioned: 0 Post(s)
Tagged: 0 Thread(s)
Quoted: 22 Post(s)
Liked 2,253 Times in 1,634 Posts
I'm pretty primitive too (as I'm fond of virtue signalling, I use my work-provided smartphone as little as possible). I only ever surf BF in a desktop browser.

I would recommend you get a free account from Bitwarden (or any other password manager, but Bitwarden is what I chose, and I am very happy with it), and get familiar with how to use it by changing (almost) all your passwords to random strings of 20+ characters that the password manager can remember for you. Install the browser extension, so it can autofill (most) username/password boxes when you go to a site to log in (the ones it can't do are only a few clicks to copy/paste).

I say "(almost) all your passwords", you want one good strong rememberable but typable password for unlocking your password manager, and another one for whatever email account you would need to get into to change all those passwords, in the event you somehow get locked out of the password manager.

I did this finally like 9-12mo ago, and I regret not doing it years ago. It is so freeing to have secure, unique passwords that you don't have to remember.

Another tip: you can share your password manager password with your wife and both use the same free account. Bitwarden doesn't know or care. And then you will both have easier, safer access to all your online banking etc. And if one of you dies, the survivor won't lose access. I'm sure there are customer service channels to deal with this sort of thing, but it probably involves registered-mailing notarized death certificates or the like.

And then back to the OP, it's a 1min exercise to change your BF password to a new 30-character random string, or you can just trust that no rando would ever be able to get in just by guessing (or using a variant of a password they might have cracked from some other website you use https://xkcd.com/792/)
RubeRad is offline  
Old 11-06-21, 12:57 AM
  #6  
3alarmer 
Friendship is Magic
Thread Starter
 
3alarmer's Avatar
 
Join Date: Nov 2010
Location: The Big Tomato
Posts: 20,784

Bikes: old ones

Mentioned: 292 Post(s)
Tagged: 0 Thread(s)
Quoted: 23616 Post(s)
Liked 7,110 Times in 5,061 Posts
Originally Posted by RubeRad View Post
I'm pretty primitive too (as I'm fond of virtue signalling, I use my work-provided smartphone as little as possible). I only ever surf BF in a desktop browser.

I would recommend you get a free account from Bitwarden (or any other password manager, but Bitwarden is what I chose, and I am very happy with it), and get familiar with how to use it by changing (almost) all your passwords to random strings of 20+ characters that the password manager can remember for you. Install the browser extension, so it can autofill (most) username/password boxes when you go to a site to log in (the ones it can't do are only a few clicks to copy/paste).

I say "(almost) all your passwords", you want one good strong rememberable but typable password for unlocking your password manager, and another one for whatever email account you would need to get into to change all those passwords, in the event you somehow get locked out of the password manager.

I did this finally like 9-12mo ago, and I regret not doing it years ago. It is so freeing to have secure, unique passwords that you don't have to remember.

Another tip: you can share your password manager password with your wife and both use the same free account. Bitwarden doesn't know or care. And then you will both have easier, safer access to all your online banking etc. And if one of you dies, the survivor won't lose access. I'm sure there are customer service channels to deal with this sort of thing, but it probably involves registered-mailing notarized death certificates or the like.

And then back to the OP, it's a 1min exercise to change your BF password to a new 30-character random string, or you can just trust that no rando would ever be able to get in just by guessing (or using a variant of a password they might have cracked from some other website you use https://xkcd.com/792/)
...thank you, but I think I already have a password manager courtesy of the Chrome browser I use almost exclusively. It even notifies me off "compromised" passwords. Then it nags me to change them. It usually turns out to be a password to some site I had forgotten I ever used, and which I haven't visited for years. Then I agonize over how to delete that account, which in many cases turns out to be impossible.

Anyway, if anyone steals my Bike Forums ID, and starts writing caustic commentary, directed at you in teh P+R, you'll know right away it's not me. So I'm not worried.
3alarmer is offline  
Old 11-06-21, 08:48 AM
  #7  
RubeRad
Keepin it Wheel
 
RubeRad's Avatar
 
Join Date: Aug 2011
Location: San Diego
Posts: 9,858

Bikes: Surly CrossCheck, Krampus

Mentioned: 0 Post(s)
Tagged: 0 Thread(s)
Quoted: 22 Post(s)
Liked 2,253 Times in 1,634 Posts
Originally Posted by 3alarmer View Post
...thank you, but I think I already have a password manager courtesy of the Chrome browser I use almost exclusively. It even notifies me off "compromised" passwords. Then it nags me to change them. It usually turns out to be a password to some site I had forgotten I ever used, and which I haven't visited for years. Then I agonize over how to delete that account, which in many cases turns out to be impossible.
OK, that's not the best, but it's not nothin https://www.howtogeek.com/447345/why...sword-manager/

Anyway, if anyone steals my Bike Forums ID, and starts writing caustic commentary, directed at you in teh P+R, you'll know right away it's not me. So I'm not worried.
Whew. I'll keep an eye out for that and notify the net police if I see anything fishy
RubeRad is offline  
Old 11-06-21, 11:55 AM
  #8  
3alarmer 
Friendship is Magic
Thread Starter
 
3alarmer's Avatar
 
Join Date: Nov 2010
Location: The Big Tomato
Posts: 20,784

Bikes: old ones

Mentioned: 292 Post(s)
Tagged: 0 Thread(s)
Quoted: 23616 Post(s)
Liked 7,110 Times in 5,061 Posts
Originally Posted by RubeRad View Post


Whew. I'll keep an eye out for that and notify the net police if I see anything fishy
...I have discovered from this episode, that if your existing reputation on the forum is bad enough, you worry less about someone hacking your account.
3alarmer is offline  
Old 11-06-21, 01:21 PM
  #9  
RubeRad
Keepin it Wheel
 
RubeRad's Avatar
 
Join Date: Aug 2011
Location: San Diego
Posts: 9,858

Bikes: Surly CrossCheck, Krampus

Mentioned: 0 Post(s)
Tagged: 0 Thread(s)
Quoted: 22 Post(s)
Liked 2,253 Times in 1,634 Posts
I know a guy that has a very bad reputation on social media. He tried to launch his own social media website and it got hacked before it even got out of beta
RubeRad is offline  
Likes For RubeRad:

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off


Thread Tools
Search this Thread

Contact Us - Archive - Advertising - Cookie Policy - Privacy Statement - Terms of Service - Do Not Sell My Personal Information -

Copyright 2021 MH Sub I, LLC dba Internet Brands. All rights reserved. Use of this site indicates your consent to the Terms of Use.