Latest DaniWeb Community Feedback Posts

Thanks to Dani queen, I was also affected by this as well, tried to reset password but the email wasn't sent to me, I contacted her about this and she assisted me instantly. I was about to loose hope in gaining back my Daniweb account. Thank you Dani.

Could you have perhaps made a typo in the email?

I honestly don't think so, but it's always a slim possibility of course ;-)

Dani 1,700

My question was directed to happygeek who didn't get his emails at all.

When you fill out the form, you're prompted to enter your email, and there is no notification as to if you entered a valid email or not. It simply says that, if a valid user exists with that email address, that user will be emailed. So if you have a typo in the email you enter, you may not realize it and won't receive an email.

In my case, probably not, because

  1. I got the emails, just a few days late
  2. I use a macro (jd plus the @) which automatically expands to my email address
Dani 1,700

Could you have perhaps made a typo in the email?

Logged out, hit forgot my password, entered email, reset link arrived immediately. So, seems to be working now no problem :-)

Dani 1,700

Davey can you please try requesting again? Thanks!

Truly, I have. A "break" is a PC security episode where a site's information has been wrongfully gotten to by digital aggressors and discharged freely.

I realize that my principle email account has been undermined before, and utilized for sending Spam, in light of the fact that my facilitating supplier incapacitated my email account and facilitating account until I had a chance to change my secret key.

I realize that every one of my sites are under consistent robotized secret phrase speculating assault, in spite of the fact that I was never broken.

Her post aimed at criticizing Google for encouraging search result monopoly and replacing DaniWeb with StackOverflow.

Dani Horowitz elaborate what she meant by Google linking to stackoverflow who is linking to the answerers on DaniWeb.

As far as I know, if you want to preserve content and not leave holes in the conversations, you can just obscure the details of the poster and keep the contents of the post without the username and without the email address. I don't see what makes it so complicated. It has been established on several sites that there is no need to physically delete an account to comply with GDPR, all you have to do is scramble the details so that it can't be linked to a person. That's not rocket science. I haven't looked at the profile to see if allows changing the email address, but if it does, and if the site administration is refusing to delete people's accounts, people can just switch the address to a throwaway and then delete it, effectively locking themselves out. Nowadays many email providers have an option to create temporary email addresses that can be closed down indepently if they start receiving spam. They also show the user who leaked the address. The only problem is it actually requires going out of your way to remember which dummy you used with which site, so people would generally use them only if they're suspecting the site to be leaking the address to spammers.

A while back someone was encouraging people to check if their email address had been involved in a breach and of course I checked mine, noticing this among the breaches. I hadn't even been active here, I created an account 6 years ago and went inactive straight after. I can't remember why I originally created an account for but most likely I didn't find what I was searching for. Recently I was sent automated emails informing me that I never actually confirmed my email address despite registering. It seems a bit funny that a site like this could allow people to enter an email address and have it linked to a profile without ever actually checking if it was valid. Most likely it's different nowadays than what it was 6 years ago, but it's a bit discouraging to think that my email address is listed in various databases, potentially being sold to spammers, and actually migrating over to a new email address would be problematic for multiple reasons. I know this is not the only site to be breached, others like Adobe and Myspace have also had the same thing happen. It's just sort of frustrating to know that even if I were to create a new email address and only use it with trusted parties, one security failure anywhere could result in endless spam again. At least I'm fortunate enough that my spam filter is able to catch pretty much everything, there are some false positives occasionally but very ...

This is really odd, as I have still not had any password reset mails despite requesting them around the same time as Jim.

I re-sent it with two eml attachments.

Dani 1,700

I got them but they were both just forwarded to me.

Instead can you please send them both as ATTACHMENTS (eml files). This way we can investigate the headers.

I sent you two (another one came in).

Dani 1,700

Jim,

Please please please forward me that email as an attachment, including all headers. That would be a HUGE help. Thanks!!

It's 15:14 (CST) on March 1 and I just got another password reset email dated 2019-02-24 16:06.

This is what happens when you change your login password hash algorithm without considering to create a fallback mechanism

Apart from the fact that Dani did create a fallback mechanism, of course.

and we had a fallback mechanism in place until late-2017. (I think 2+ years should have been enough time to give everyone who cared to change thier password...)

a strong signal to get away if you are still here

some may be justified in asking why

C'mon guys, I appreciate that glitches such as this are annoying and I appreciate that DaniWeb isn't as busy as it used to be. However, Dani remains one of the most responsive site owners that I have ever encountered, and I've been around online communmities for 30 odd years now since the days of FidoNet, Prestel, Usenet etc. She's explained that it's been a tough couple of weeks, and we all hvae those, so cut her a break maybe rather than going for the jugular? Just saying...

I have the same problem: I'm out of touch and disoriented. I seem to remember something about this -- but not how much of a problem I had or what I did about it, if anything. I thought I had written to you detailing it, but it feels like I'm remembering a dream (as many things do now.) I'm interested in staying connected to this community, though some may be justified in asking why.

Dani 1,700

I've been having a tough last couple of weeks (personal things going on) so I haven't spent a lot of time around here, unfortunately. I heard from James that there was downtime due to one of the Redis servers running out of memory. He was able to bring it back online, but all of the open sessions were deleted when Redis was restarted, so everyone was logged out.

In 2012/2013, when we migrated off of vBulletin onto our own platform, we created a new hash algorithm to hash the existing MD5 passwords that vBulletin used. (Unfortunately vBulletin used simple MD5s with a random salt. By hashing the salted hashes we had with peppers, we wouldn't have to force people to change thier password.)

We finally upgraded to a much more robust encryption algorithm in 2015 when we created Dazah, and for that, we unfortunately had to force everyone to change their password. We emailed everyone to change their password and log into Dazah, and we had a fallback mechanism in place until late-2017. (I think 2+ years should have been enough time to give everyone who cared to change thier password. When we switched to this latest backend which launched in October 2017, we removed the fallback code.)

Unfortunately, the recent Redis crash logged everyone out, and some of you guys had been logged in longer than 6 months. You ran into issues trying to log back in because the fallback mechanism had been removed between the last time you ...

jkon 506

This is what happens when you change your login password hash algorithm without considering to create a fallback mechanism , no big deal after all because we are really few people that login in DaniWeb during the last several days , but a strong signal to get away if you are still here.

I had the same login problem but used the Facebook route to skirt around it. Oddly though, I've not yet had any of the delayed password reset emails...

It's Feb 27 13:06 (CST) and I just got another password reset email dated Feb 24 17:38.

rproffitt commented: What was said long ago about how to really muck up a system? "Let's use a computer." +0

As to the delayed emails, I can write the same here. Day late, dollar short.

As I understand it, there were problems on Sunday (Feb 24) which caused problems logging in. Daniweb would not accept my password (or so it said). Normally when I go to login I get presented with the login page with my userID (reverend Jim) and password already filled in. Now I was getting the login page with my email address instead of my userID. Manually entering my userID and password resulted in an indication that my password was incorrect. I clicked on the "Reset Password" which is supposed to send a reset email to a given address (which I entered). No reset email was sent. I repeated this procedure several times with no email resulting.

So after complaining to several people (it's my nature) I decided to try a little test.

  1. Login using my google ID (this worked)
  2. Post a new thread (then delete it)
  3. Logout
  4. Login as Reverend Jim (surprisingly this worked)

So it seemed that everything was working. I can only assume (out of total ignorance because web programming is not in my skill set) that the problem was in my cache.

But it seems there may still be something amiss because it is now two days later and I just got one of several DaniWeb Password Reset emails. The date stamp on the email says 2019-02-25 15:32 but it just came in today at 10:12 am (CST). Other emails are arriving in a timely fashion so I don't know what is happening with ...

Thanks Jim, the fog is lifting and I can see clearly now etc :-)

It was probably in reference to this thread. As I recall, the OP asked for help via PM.

Sorry DaniWeb4jim, who was that aimed at in this thread?

You would not send me an answer to a message in a PM because I quote, "I would not send it in a PM because it would only benefit you". Now you want to. What was your problem? I forgot about it until Dani asked me something and I opened your nice message. In Windows 10, I still can not make a DVD DL. So if you want the world to kow and I really could care what or where you answer it. Post it.