CHANGE THE CS SECURITY SYSTEM

[Falco]

Hey guys, hopping on real quick to remind people that this is a suggestion thread! While I think everyone is making good point, please stay on topic so we can keep this thread up

[General Chaos]

It is well known among cybersecurity experts (not one myself, but I have two friends in the field professionally) that human error (e.g. reusing passwords or accidentally downloading malware) is the most common cause for security breaches (citation), so I don't think Seasonal's advice is unwarranted.

That said, since human error is known to be responsible for so many of these, there are measures in place that a cite like CS could use to mitigate it, many of which are floating around as suggestions in this topic. I would like to see a more robust security system implemented in CS: it's not uncommon for other adoptable sites nowadays. Take for example Flight Rising's response to a similar situation

I also understand CS is a much tinier team than FR, but I still think this should be a priority for site development. A periodical reminder to change your password is not a bad place to start. I'm eager to find out what additional improvements are planned c:

This is so well put.

As someone who also has close family in the field of cyber security, and computer programming (i.e. my late father,) all issues are human error. This could be from everything from who makes the password to who does the security for the website. (NOT blaming anyone, just making a statement.) Electronics only do what they are programmed to do.

I do also agree with a lot of people that when it comes down to it the main problem is the lack of transparency. They are clearly working on trying to fix it, it would be a poor business decision not to let's be honest. But to not say anything about it? Or warn people? I don't know. I don't want this thread to get locked so I don't want to go too off topic but ...

IF you are worried go check out a password manager. There are a few good ones. They help keep your passwords safe, and can even randomize them, but keep them stored for you so you can go look at it if you need your password to do anything it's not autosaved to.
A couple good ones are
• Nordpass
• LastPass

[StaticTelly]

just wanted to say bitwarden is one of the best password managers i think . it even lets you generate a super secure password thats random letters, numbers, and/or puncuation marks. i switched to using it and never looked back, and they have an app for you to use it on phone too .

[Falco]

just wanted to say bitwarden is one of the best password managers i think . it even lets you generate a super secure password thats random letters, numbers, and/or puncuation marks. i switched to using it and never looked back, and they have an app for you to use it on phone too .

I think thats a great idea, thank you so much for your tip!

[002]

Here's a useful source you can use to see if your data has been part of a security breach: https://haveibeenpwned.com/
Password strength meter: https://www.passwordmonster.com/

Personally, I like to use a passkey master to save my passwords, like "LastPass" and "keeper" where you can generate randomised passwords that take a ridiculous amount of time for a hacker to crack into. I would highly recommend reading into these programs and what they do to keep your information safe, have never been involved in a security breach with my passwords again.

Hope this helps anyone!

[ryo asuka]

hi im too busy to really sit down and write a well constructed and informed contribution to this discussion but tldr. support

[Audrey_Bee]

I think a lot has been done and will be done. The staff deserve a lot more praise than they get. We asked and they listened ♥︎

[badass skeleton]

I think a lot has been done and will be done. The staff deserve a lot more praise than they get. We asked and they listened ♥︎

listened to us how much, though.

[jesse.faden]

Here's a useful source you can use to see if your data has been part of a security breach: https://haveibeenpwned.com/
Password strength meter: https://www.passwordmonster.com/

Personally, I like to use a passkey master to save my passwords, like "LastPass" and "keeper" where you can generate randomised passwords that take a ridiculous amount of time for a hacker to crack into. I would highly recommend reading into these programs and what they do to keep your information safe, have never been involved in a security breach with my passwords again.

Hope this helps anyone!

this is INSANELY helpful!!! Was able to find my email in different attacks, plus made new passwords with the help of the strength meter. thanks! <3
edit:

I think a lot has been done and will be done. The staff deserve a lot more praise than they get. We asked and they listened ♥︎

listened to us how much, though.

also thisssss. sure they listened to SOME things, not all. plus, they never even announced "hey guys there was a data breech, we're doing all we can thanks for ur patience"
they could at least let the entire site know rather than individual members creating threads.

[ryo asuka]

also thisssss. sure they listened to SOME things, not all. plus, they never even announced "hey guys there was a data breech, we're doing all we can thanks for ur patience"
they could at least let the entire site know rather than individual members creating threads.

yyyyeah like. idk. if im going to try to understand why there hasn't been an actual announcement for all users to know what happened i can only assume its to avoid like..? scaring people? particularly kids? but even so animal jam didn't put off communicating to its primarily underage audience about their databreach (albeit different) so it just doesnt really make sense. i cannot stress enough how important it is for people to know whats going on. i've been trying to keep up w it and even i don't know the full extent of whats happening because there hasn't been an announcement. trying to sift through threads for answers isn't really transparent enough

V YEA FOR SURE LOL i used the term pretty loosely here which i probably shouldnt do so imma edit this to clarify. kindof proves my point even further though it shouldnt be too difficult to announce what has happened given its smaller in comparison