forum.coppermine-gallery.net
Support => cpg1.3.x Support => Older/other versions => cpg1.3 Permissions & Access Rights => Topic started by: Im_Addicted on April 11, 2005, 01:56:11 am
-
I ran a search on this site for password reminder and came up with no results, so I am going to go ahead and post. On my Coppermine site, I keep getting e-mails sent to my account from the Coppermine gallery telling me that I requested a reminder of my password to be sent to me and it sends me my info; user name and password. But, I have not requested it. Could it be a glitch, something I did wrong, or is somebody trying to hack the gallery? Thanks for any response you can give me.
-
someone ist trying to gain access (hacking attempt). Make sure you have a good password (upper and lower case plus numbers, not a dictionary word, min. 8 chars, no keyboard pattern nor backwards-word).
Joachim
-
You should also review your server logs. Cross reference the times with the times on your emails, that should help you narrow down the culprit.
-
Thanks for the help. I have always had it set up that the users can not see the member list at all, so I am wondering how they got my user name to begin with? I have also had the password to be a combination of letters and numbers that are case sensitive. But, I am changing it again now. I am going to try cross referencing to see if I can figure out who it might be, but I am not sure I am skilled enough to figure that out. Not sure where to go for my server logs but I will most certainly look into it. I would not be surprised if it is the creep who wrote all sorts of profane comments on the site until I banned the IP address and forced registration just to view the albums.
One question, when I change my password, it asks me to confirm which user I am changing it for and it gives me three options - my user name and two that look like this "<>". What on earth are those?
-
That would be some password remembering feature in your browser, not a part of coppermine. Just going to /profile.php?uid=1 will bring up the admin profile on most galleries, so it is easy to get the admin username.
-
as a workaround against what Nibbler is refering to, create another user account, make him admin, log in with the new admin account and make the old aldmin account a regular user. This way, your new admin account will have a random uid (not "1").
Joachim
-
Thank you so much. I will do that now.