商店页面
Town of Salem
全部 讨论 截图 艺术作品 实况直播 视频 新闻 指南 评测

Town of Salem

商店页面
查看统计:
全球成就
Town of Salem > 综合讨论 > 主题详情
Flavorable 2019 年 6 月 15 日 上午 4:21
Security update/warning [Please read. Very important.]
Hey guys,

So, for the last couple of days, we have been suffering from people getting hacked (mainly ranked players). This seems to be a result of someone obtaining the data that was breached and using it for malicious intent.

The only people that have been hit are the people that did not change their password after the breach, despite the many announcements and the e-mail notification we sent out.

So I implore all of you who haven't: CHANGE YOUR PASSWORD. The time for leniency will undoubtedly eventually run out.

Even if you did change your password, always keep in mind (and this goes for every account you ever make on the internet) that regularly changing your passwords (at least every 3-6 months) is ALWAYS recommended for your own safety and security. And as much as sites advertise the importance of special characters, don't forget that the longer the password, the safer it is. (As you can imagine, something like "abcde12!" is way easier to decrypt than "abcdefghijklmnopqrstuvwxyz".

If you are aware of any friends/players that have been inactive since before the breach and they have not changed their password and they're paid or grandfathered accounts, I highly suggest messaging them to change their password, and if they don't respond or are inactive still, feel free to PM me their ToS account name and I can check if they have been hacked and send it through to the Admins to lock their accounts so there won't be any damage done.

You can change your password here: https://www.blankmediagames.com/phpbb/ucp.php?mode=sendpassword (This sends an automatically generated password, but doing this first is important for logging purposes). Afterwards, you can go here: https://www.blankmediagames.com/help/requestpasswordreset.php and change the generated password into one of your own.

22-06-2019 [EDIT] Edited in correct, working link.
最后由 Flavorable 编辑于; 2019 年 6 月 21 日 下午 3:44
< >
正在显示第 1 - 15 条,共 23 条留言
Vepar 2019 年 6 月 15 日 上午 7:32 
Is it ok if we just use the auto generated password? Or can that be somehow obtained by the hackers?
#1
Flavorable 2019 年 6 月 15 日 上午 7:41 
引用自 Vepar
Is it ok if we just use the auto generated password? Or can that be somehow obtained by the hackers?
Perfectly fine to do so.

The other link is there purely for the people who prefer their own personal password.
#2
Vepar 2019 年 6 月 15 日 上午 8:23 
引用自 Flavorable
引用自 Vepar
Is it ok if we just use the auto generated password? Or can that be somehow obtained by the hackers?
Perfectly fine to do so.

The other link is there purely for the people who prefer their own personal password.

Ok, thanks!
#3
Flavorable 2019 年 6 月 21 日 下午 3:40 
Updated the link for changing your password yourself.
#4
clonegunner237 2019 年 6 月 27 日 下午 11:39 
Sooo... I log in through steam and don't know what e-mail I used for my account. How do I go about this process, anyway? I haven't been playing ranked, only ranked practice, so is the problem even relevant for me?
最后由 clonegunner237 编辑于; 2019 年 6 月 27 日 下午 11:40
#5
Flavorable 2019 年 6 月 28 日 上午 12:13 
引用自 clonegunner237
Sooo... I log in through steam and don't know what e-mail I used for my account. How do I go about this process, anyway? I haven't been playing ranked, only ranked practice, so is the problem even relevant for me?

If you have not changed your password in 5/6 months (or longer), then yes, it is definitely relevant for you.

If you don't remember the e-mailaddress you used, there's basically a 3-step thing you can do:

1 > Check all your known inboxes and search for "blankmediagames.com" to see if any e-mails from them show up on one of your e-mailaddresses, if not;

2 > Try the first link in the original post repeatedly for every e-mailaddress you may have used, and if that also doesn't work;

3 > E-mail the developers and explain the situation. They will need as much proof from you that the account in question belongs to you, so give them as much info as you can (and be sure to include the receipt for ToS which you can find under "Help > Steam Support" and your Steam username).
#6
Scientist 2019 年 7 月 5 日 上午 8:14 
i kinda dont care for my account especially since i have the same password as my username, i just use scrolls.
#7
Hurricane 2019 年 8 月 23 日 上午 10:01 
Are the passwords in the database salted and hashed ? With a adequately robust hash ?
#8
Scientist 2019 年 8 月 23 日 上午 10:04 
引用自 Hurricane
Are the passwords in the database salted and hashed ? With a adequately robust hash ?
i saw a post on reddit about how uhhh how they arent hashed at all and are just loosely placed
#9
shapesifter13  [开发者] 2019 年 8 月 26 日 下午 12:49 
At the time of the breach they were salted MD5 hashes, which we are aware is not the most robust. This has since been improved, but many passwords with 10 or less characters were cracked. This has all been discussed on the forums related to the breach.
#10
DJ 2019 年 8 月 26 日 下午 1:11 
Does this affect people who log in through steam?
#11
Flavorable 2019 年 8 月 26 日 下午 2:20 
引用自 DJ Spicy Deluxe
Does this affect people who log in through steam?
Yes, because you still use a ToS account to log in, not a Steam account. The "log in through Steam" button is ONLY for linking an account to Steam, besides that it has nothing to do with Steam or your Steam account (which you never need to log into the game).
#12
DJ 2019 年 8 月 26 日 下午 8:32 
引用自 Flavorable
引用自 DJ Spicy Deluxe
Does this affect people who log in through steam?
Yes, because you still use a ToS account to log in, not a Steam account. The "log in through Steam" button is ONLY for linking an account to Steam, besides that it has nothing to do with Steam or your Steam account (which you never need to log into the game).
So there is a chance you could lose your ToS account but not your Steam account if you don't do anything then, right?
#13
Flavorable 2019 年 8 月 26 日 下午 11:39 
引用自 DJ Spicy Deluxe
引用自 Flavorable
Yes, because you still use a ToS account to log in, not a Steam account. The "log in through Steam" button is ONLY for linking an account to Steam, besides that it has nothing to do with Steam or your Steam account (which you never need to log into the game).
So there is a chance you could lose your ToS account but not your Steam account if you don't do anything then, right?
Well, it does depend on whether or not you use your ToS account info (username/e-mailaddress + password combo) anywhere else.
#14
Scientist 2019 年 8 月 27 日 下午 5:18 
引用自 Flavorable
引用自 DJ Spicy Deluxe
So there is a chance you could lose your ToS account but not your Steam account if you don't do anything then, right?
Well, it does depend on whether or not you use your ToS account info (username/e-mailaddress + password combo) anywhere else.
luckily i have a plan, i use the same password as my username so people will think its a dumbass alt acc, its risky but fighting fire with fire is all i need
#15
< >
正在显示第 1 - 15 条,共 23 条留言
每页显示数: 1530 50

Town of Salem > 综合讨论 > 主题详情
发帖日期: 2019 年 6 月 15 日 上午 4:21
回复数: 23

讨论规则及指引