So I log on Guru today and a vbulletin pops up saying that my password is 644 days old and has expired.
Meh- I never new guru had such a feature.
Change Password Request
ori
_Aphotic_
Yeah. What is this? I got a similar message, except it said 393 days old.
vader
Your password is 2196 days old, and has therefore expired.
Annoying.
Annoying.
nkrumsvik
Your password is 1785 days old, and has therefore expired.
Please change your password using this page.
Please change your password using this page.
Jenn
That giant notice at the top of the page.... 
Quote:
Originally Posted by Notice at the top of the forums
Quote:
Recent spam & Phishing Attempts
Please be wary of off-site links, folks. There has been some recent spam on our forums that contain links to sites that are not safe. Threads or posts saying things like, "Giving Guild Wars account away, click this link to get it!" should not be trusted.
The URL we have identified is an off-site link to a fake Hotmail website, but be cautious of other possibilities, too.
As always, please browse safely. Use unique passwords, make sure they are strong and don't be careless with your information. If you believe you have compromised your security by clicking such links, please change your email password and your passwords on the Guru websites.
Some GWG/GW2G accounts were breached as a result of some people clicking those phishing links. Breached accounts have, in many cases, been reposting spam. As such, you may have had your account banned. If this is the case, please contact us to get your account unbanned. We forced a password reset for added security. While it may not have been 100% necessary, it was done to help prevent already-compromised accounts from perpetuating the phishing attempts.
Please be wary of off-site links, folks. There has been some recent spam on our forums that contain links to sites that are not safe. Threads or posts saying things like, "Giving Guild Wars account away, click this link to get it!" should not be trusted.
The URL we have identified is an off-site link to a fake Hotmail website, but be cautious of other possibilities, too.
As always, please browse safely. Use unique passwords, make sure they are strong and don't be careless with your information. If you believe you have compromised your security by clicking such links, please change your email password and your passwords on the Guru websites.
Some GWG/GW2G accounts were breached as a result of some people clicking those phishing links. Breached accounts have, in many cases, been reposting spam. As such, you may have had your account banned. If this is the case, please contact us to get your account unbanned. We forced a password reset for added security. While it may not have been 100% necessary, it was done to help prevent already-compromised accounts from perpetuating the phishing attempts.
Shadowhaze
Ah, was wondering what that was. Scared me a min. lol. Thanks for the clarification!
Amy Awien
animal fighter
And there was a notice about phishing and nothing about a password update - gee I'm sure that didn't bother many people.
Kattar
Unfortunately we can't keep you from giving away your account credentials through whatever phishing attempt you happen to come across. We can filter urls, delete spam, ban spammers, and fix user accounts. We can also take other precautionary measures, just to be extra safe, like having everyone reset their passwords.
This site is as safe as we can make it. We can't be responsible for everything else our users do on the internet.
This site is as safe as we can make it. We can't be responsible for everything else our users do on the internet.
Amy Awien
Kattar
X-Plosiv
around 2300h+, and got that message.
Meh.
But it's ok, if it helps 1 person not to get hacked, then I don't have nothing against policy that all members should change password.
Meh.
But it's ok, if it helps 1 person not to get hacked, then I don't have nothing against policy that all members should change password.
ori
Thanks for the clarification Jenn.
I had originally looked in that giant notices box at the top of the page but only found the same old "Recent spam & Phishing Attempts" warning that has been there since...well, for a while now. I could have assumed Guru initiated a forced password change for all members, but I don't usually make assumptions when it comes to password security.
I wasn't really all that concerned about it which is why I posted in the Off topic section for some bullsiht discussion, and see if anybody else got the change request.
It is good to see Guru taking measures to ensure the security of the site.
I had originally looked in that giant notices box at the top of the page but only found the same old "Recent spam & Phishing Attempts" warning that has been there since...well, for a while now. I could have assumed Guru initiated a forced password change for all members, but I don't usually make assumptions when it comes to password security.
I wasn't really all that concerned about it which is why I posted in the Off topic section for some bullsiht discussion, and see if anybody else got the change request.
It is good to see Guru taking measures to ensure the security of the site.
Curo
Sure, good idea, but that notice about phishing and what not should have notified us about why we had to change our password. I, like the others here, was afraid that my account had been somehow compromised. The notice should tell users that there was a password reset.
shadowfell
I didn't get the message at all!
Spiritz
Now if guru hadnt bothered to reset passes and some members lost their accounts thru it - a huge amount of ppl would be complaining that they lost their accounts and guru had no protection.
There are some players still who use same emails and passes for the game - thats not gurus fault but at least they are being forced to change.
Any passes the hackers may have had would now be void and unusable - which is gd for the community.
Security on a website isnt easy - some hackers will try exploits/bugs to force entry to database and if you look at how many times big companies ( non gaming ) have had hacking attempts etc you will see that even the best protected sites can eventually be hacke into.
Also remember that both guru and anet have always stated to try and rotate passwords and yet no one on guru has really followed that ( probably a few have ) and changed passes regular.
Myself id like to think at least guru is trying to protect its community even if it seems to us an irritation , ty guru staff for "caring for the community" and trying to protect us
There are some players still who use same emails and passes for the game - thats not gurus fault but at least they are being forced to change.
Any passes the hackers may have had would now be void and unusable - which is gd for the community.
Security on a website isnt easy - some hackers will try exploits/bugs to force entry to database and if you look at how many times big companies ( non gaming ) have had hacking attempts etc you will see that even the best protected sites can eventually be hacke into.
Also remember that both guru and anet have always stated to try and rotate passwords and yet no one on guru has really followed that ( probably a few have ) and changed passes regular.
Myself id like to think at least guru is trying to protect its community even if it seems to us an irritation , ty guru staff for "caring for the community" and trying to protect us
hattara
Please, add a clear note to the notice that everyone's passwords have been reset, and the password expiry notices are legit and not caused by a security breach at Guru. I was extremely leery of changing my password after such a notice - especially as I know for a fact I've reset my password this year, so it can't be 544 days old. I don't see why you can't update the notice *now*.
Kvinna
Agreed and added.
End
You will be prompted to change your password after you have logged in. If you have any problems please use the Contact Us form mentioned above.
I was never prompted. Did I break my account?
I was never prompted. Did I break my account?