I'm posting this here to have a better chance of reaching all potentially interested users, but please let me be clear up front that I'm talking about those separate user accounts on our Small Wars Council discussion board, NOT here on the Journal side of things.
We've had a half dozen alerts over the past few days that Council user accounts are being locked after five failed login attempts, but the rightful owners didn't try to access it. The forum software freezes the account for 15 minutes and sends out a notice to the registered owner.
We infer that a very unsophisticated robot or human is poking around, doing the internet equivalent of checking to see if the front door is unlocked. We have no indication that anyone's account has been breached. Our most basic, front line security measures are working as they should, and we have several layers. We're just letting you know about it out of an abundance of caution.
There is a thread over in the Council with a little more information about what we know and what we're doing. We will update the first post in that thread as we learn more.
In these internet times, a strong password is always a good idea. I wouldn't worry about it now if you already have one, but if you are running with 'password' or '1234,' it's a good idea to tighten that up. To change your password:
- Here on the Journal, click on Hello Username at the top of the page, select the Edit tab.
- Over in the Small Wars Council forum, go to the Edit Your Details section of the User Control Panel.
As I said, we'll update that post over on the Council as we learn more. There is no indication of any issue here on the Journal side and no real cause for worry in the Council. We're policing the area.