I haven't seen one yet, so at least there is only one or two users doing it. It could be worse and be like, a group of 20 doing it. Anyway, if that were the case you could just disable sigs for the main usergroups.
Printable View
I haven't seen one yet, so at least there is only one or two users doing it. It could be worse and be like, a group of 20 doing it. Anyway, if that were the case you could just disable sigs for the main usergroups.
Disabling signatures for the main user-groups would unhappy quite a lot of users, surely?Quote:
Originally Posted by Wiizzz
So would masses of users getting hacked.Quote:
Originally Posted by xxMATTGxx
And this is not a problem on a daily basis, it isn't like this happens every single day at Habbox where some user trys and gets your account details by making sure a "login prompt" pops up on their screen. Plus, it would depend how many people would actually enter their login details into the box or just press cancel.Quote:
Originally Posted by Wiizzz
Yes luckily. But as I said, that it probably worst case scenario.Quote:
Originally Posted by xxMATTGxx
I rather not see signatures be disabled due to this, I would rather see a method of trying to prevent this from happening but allowing people to still have images in their signatures. (If possible at all) Removing a feature for everyone, wouldn't be ideal and they are used by many members on the forum.Quote:
Originally Posted by Wiizzz
We can usually swoop on these things pretty quickly so I don't think there's much to worry about - the security notice was posted as a both a notification for anybody fooled by this and a notice to warn users incase it happens again.
The user who had it in their signature has been banned.
It's worth noting we don't actually allow users to have signatures until they are out of the "Newly Registered Users" approval group - so that's 5 posts, so it was probably just some clever ass trying to get people's passwords 'cause people use the same as their Habbo password sometimes.
Few security tips:
- There are three places where you may be asked to type in your HabboxForum Password, they are:
- The Login box in the top-left of HabboxForum.com
- When changing your password in usercp
- On www.habboxforum.com/support - which is an official HabboxForum site.
You should not type your HxF password anywhere else.
Of course only temporarily I mean. ;lQuote:
Originally Posted by xxMATTGxx
Even not allowing .php wouldn't fix it because they can use .htaccess to make it appear under index.png or whatever. I don't think only allowing Habbox.com dynamic images would be a good idea because some users make their own such as Florx who made a few and hosted on his own server.
The user had basically set the login to send entered info to a .txt file, it doesn't happen all the time but happens now and again. I guess we'll just have to watch out for it.
This pretty much, bit of common sense like not entering your details into any strange boxes that pop up infront of you and just let one of the moderation / admins know. Problem sorted.Quote:
Originally Posted by Skizzling