Locked out of my account... again

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

    Locked out of my account... again

    This is getting really, really annoying. I keep getting locked out of this site, except the first few times I thought it was my own stupidity, changed my password, and carried on.

    The multiple incorrect password attempts on my account are coming from an IP address:
    https://whatismyipaddress.com/ip/185.93.228.14

    That's Sucuri and since they are a security company , I assume they are doing penetration-testing, looking at accounts and trying some 'obvious' passwords, unless they have themselves been pwned.

    A port scan indicates that site running an HTTP and an HTTPS server, when I visit there it says:

    Code:
      The site you are visiting is using Sucuri Website Firewall. And for some reason it is not configured properly. If you are the site            
    owner, please open a ticket here asap for us to look at it for you: https://support.sucuri.net. If you are visiting the site please try       
    again in a few minutes.    
    I'm unsure what the intention is here. If Sucuri are testing the strength of people's passwords then this is absolutely not the way to do it. They should get access to the hashes, and run their password cracker against those. Firstly, their activity is indistinguishable from hacking, secondly, this is incredibly wasteful of resources. If this is part of some smoke test for the security system in general, why use my account? And why keep using it over and over again?

    For the admins: If you are going to employ these fools to test your security could you at least drop the 15 minute lockout to something reasonable so when we hit it as we inevitably will, it isn't quite so annoying. If this wasn't intentional, could you take up the issue with Sucuri and tell them they've been hacked, or need to reconfigure their pen-testing setup.

    Thanks.

    #2
    It has been an ongoing problem ever since Sucuri took over the site security last July.

    There is already a thread about it: https://forums.landlordzone.co.uk/fo...86#post1114586

    It seems to be at least every Sunday morning, and other random times as well.
    I have more or less given up trying to log in before 13:00 GMT on a Sunday.

    Comment


      #3
      Thanks nukecad. That is useful information, I will try to avoid Sunday.

      Comment


        #4
        I don't think they're running active penetration testing, I think that's a proxy server being used for access control.
        And from the look of the message quoted it's not configured properly.

        I think that this site is hosted by Sucuri.
        When I post, I am expressing an opinion - feel free to disagree, I have been wrong before.
        Please don't act on my suggestions without checking with a grown-up (ideally some kind of expert).

        Comment


          #5
          Same thing happened Sunday 17th between 6 and 8 pm approx, incorrect password/username please wait 15 minutes.

          Not the 1st time this problem happened, see link in post #2 by nukecad

          Most annoying when you know your entering the correct username/password
          Fed up with nitpickers and rivet counters...

          Comment


            #6
            Blocked again at 19:24 GMT, Tuesday 19 Jan 2021.

            20:11 Still blocked. (So much for "Please wait 15 minutes").
            20:30 Still blocked.
            20:55 Finally allowed to login.

            OK someone may be trying to 'brute force' attack the forum (by guessing passwords) but if they are they are being very persistent at it for the past 6 months.

            It's much more likely that there is a bug in the Sucuri protection and/or it's being over-enthusiastic.

            But TBH I'm begining to suspect that this is some regular security-scan/maintenance/backup that Sucuri are doing, and rather than say so they are just using an existing message (and so worrying users unecessarily).

            Moderator2 Have Sucuri had anything to say about this?
            It's getting beyond a joke when regular members are being blocked from logging in on a regular basis.

            Comment


              #7
              Yes I was blocked from one device this evening, am also feeling it's getting a nuisance.

              Comment


                #8
                Yes, I was locked out repeatedly yesterday too, just wish the site would provide an explanation

                Comment


                  #9
                  I was locked out earlier also. Seemed okay for a while, now worse again.

                  Comment


                    #10
                    Wednesday 20 Jan 2021.

                    17:00 Login blocked again.
                    17:30 Still blocked.
                    18:02 Still blocked.
                    18:30 Still blocked.
                    19:00 Still blocked.
                    19:30 Still blocked.

                    Finally let me in at 21:29

                    Whilst I'm locked out I can see that others are still posting, so it's not a total lockout.

                    Comment


                      #11
                      Do you "login" every time you visit the site?

                      I never "logout", and don't seem to have this proplem.

                      Comment


                        #12
                        Originally posted by Mrs Mug View Post
                        Do you "login" every time you visit the site?

                        I never "logout", and don't seem to have this proplem.
                        Sorry for the delay replying but:

                        Thursday 21 Jan.
                        17:25 Locked out yet again.
                        Tried every 20/30 mins until it finally let me in at 19:20

                        Yes, I log out of all websites at the end of each browsing session.
                        (I completely clear the browsers cookies, supercookies, session, caches, history, and so on).

                        Although many people do stay logged in it's poor internet security to stay logged into websites and user accounts.
                        Anyone could go on your computer and access your accounts, if it's a laptop or phone that gets lost or stolen the finder(stealer) has direct access to all your accounts, passwords, email addresses, etc., etc.
                        Even if your computer itself is passworded it's not difficult to bypass that with a bit of technical knowledge, I've done it a few time for friends who have locked themselves out of their laptops.

                        The login problem here (and it's only on this forum) seems to be being caused by the new'ish site security contractor, so having to stay logged in which leaves you less secure is illogical.

                        Comment


                          #13
                          Originally posted by nukecad View Post
                          Although many people do stay logged in it's poor internet security to stay logged into websites and user accounts.
                          Anyone could go on your computer and access your accounts,
                          I only stayed logged into a few websites, this is one of them.

                          Comment


                            #14
                            I only use the site from home, so any unauthorised access to my devices would be much worse news than accessing this account.

                            And it's hard to imagine what damage could be done by someone using my log in.
                            Possibly some better advice might be given!
                            When I post, I am expressing an opinion - feel free to disagree, I have been wrong before.
                            Please don't act on my suggestions without checking with a grown-up (ideally some kind of expert).

                            Comment


                              #15
                              Many sites are OK to stay logged into, it's just general good internet security not to do it though.

                              It could lead to a chain, someone gets into your account here and they have your email adress and forum password.
                              You'd be surprised how many use the same pasword elsewhere, so the baddie now has a toe-in to your emails and possibly other fora where you have used the same password, things can (and do) balloon from there.
                              ie. If they get into your email account they then have the email addresses of all your contacts, who will then no doubt start to get spam, scams, and phishing emails, as will all their contacts, and so on.

                              Of course it's up to an individual to decide what level of risk they take, as long as they are aware that they are taking a risk.

                              I moderate on a couple of places, one a major software developer, someone getting in as me on those could wreak havoc.

                              PS. No problem logging in today, straight in first time.

                              Comment

                              Latest Activity

                              Collapse

                              Working...
                              X