Spambot Password Attack

[Collector]

It seems that there has been an improvement in the spambots' ability to get past the CAPTCHA. I found about a dozen or so newly registered accounts by spambots today. Not all had been activated and because of the minimum post count requirement to be able to post without approval, none of the posts got through. I hate to ban too many IPs since it might block legitimate users as well as I don't like toughening the CAPTCHA settings too much as it makes it hard for real people to get past. I had been using the 3D CAPTCHA, which seemed to be easier for humans to read that the noise type, but had been effective against spambots. I have set it back to the noise type for now.

If anyone knows someone that is having trouble registering because of this, please PM me. There looks like there are some changes to CAPTCHA in the latest phpBB, so I may be upgrading the board, soon.

[Tawmis]

I wish the additional question thing that worked with phpbb2 worked with phpbb3 (it may, I have never tested it) - but it's the one where you create your own question. And anything Sierra related would stop any spam bots... like you could ask, "Who was the woman who created King's Quest?" or any variation there of that any Sierra fan is bound to know.

[Omni]

I would have failed that Question.

Also looks like reCAPTHCA was broken wide open recently and it is not just this board suffering a lot of spam attacks.

[DeadPoolX]

I would have failed that Question.

Maybe, but you can look the info up online. A spambot can't do that.

[Tawmis]

I would have failed that Question.
Also looks like reCAPTHCA was broken wide open recently and it is not just this board suffering a lot of spam attacks.

Really?
I figured that'd be one everyone knew...

But like I said, the question could be anything - even what's the last name of the couple who founded Sierra? Or something... Or which of these Leisure Suit Larry games was never made: LSL1, LSL2, LSL3, LSL4, LSL5, LSL6 or LSL7?

I would have failed that Question.

Maybe, but you can look the info up online. A spambot can't do that.

Exactly.

[Collector]

It seems that the bot attacks on passwords has started here. If you find that you are having trouble logging in and the password recovery is not working, send an email to me or Tawm. Also, Let me know when you were having the problems so I can narrow down the IP log to nail where this is coming from. I fully expect it to be a Russian IP.

[Rath Darkblade]

I couldn't log in as of last night (23 March). I couldn't recover my password, so I asked for a new password, and I will now change my password to something long and hard to guess.

[AndreaDraco]

It happened to me today.

I requested a new password and I was good to go.

[Rudy]

I couldn't log in as of last night (23 March). I couldn't recover my password, so I asked for a new password, and I will now change my password to something long and hard to guess.

It isn't t4wm1$1$r34LLY4w3s0m3 by any chance, is it?

[Tawmis]

I couldn't log in as of last night (23 March). I couldn't recover my password, so I asked for a new password, and I will now change my password to something long and hard to guess.

It isn't t4wm1$1$r34LLY4w3s0m3 by any chance, is it?

I save that for special people.

[Collector]

He is "4w3s0m3", isn't he.

[Rath Darkblade]

I couldn't log in as of last night (23 March). I couldn't recover my password, so I asked for a new password, and I will now change my password to something long and hard to guess.

It isn't t4wm1$1$r34LLY4w3s0m3 by any chance, is it?

Err... nope. Sorry, Tawm, I haven't been as creative as that.

Besides, I don't think I should give any hints on my password here. Spambots have ears, y'know.

[audiodane]

I've seen boards that have as the prompt "what is 37 minus 5?" or something of the sort. Do bots do well with things like that? Is is it a matter of something that needs to change frequently because bots share their results with other bots?

..dane

[Tawmis]

cpages2 is locked out because of the password attack - so it's prosilver again so he can do the capcha... Once he's in, he will reply here so myself or Collector can change it back.

[cpages2]

im back!

Missed you all