If you guys think you are always right (along with all the sarcasm and shits), then pray tell why the fuck is the account hacking problem continue to persist for so many years?
Because people continue to use the same password for every site? It's very much possible for one to look up a username on a database lookup site to get their usernames/emails/passwords from other sites and crossmatch them until they get a combination. I guarantee you one out of every thirty to forty accounts is susceptible to getting hacked via database lookups due to not changing their password frequently and continuing to use the same password.
I do believe that the owner of the forum could change the security, however it works two ways. Some people aren't interested in all the security crap and it's a lot of effort for staff to maintain, etc.
Hacked database is probably the most plausible explanation for this wave of hacks. We have to assume that some of the accounts have given fake email addresses that they never registered, which allowed the "hackers" who got the database to check and possibly take over those addresses and reset their passwords. Also, some people never changed their passwords after the leak, making the job easy for the thieves.
What remains to be explained is the newer accounts being hacked, those that were registered after the database leak.
Anyway, we can safely drop the theymos is stealing accounts and selling them theory.
Additional security features will be available in epochtalk. Theymos probably doesn't want to put too much work into the current forum software when the switch to epochtalk is planned anyway.
Wanna do something to make the forum more secure? Help beta test epochtalk.
Wanna do something to make the forum more secure? Help beta test epochtalk.
I'll do that. Just hope he won't make us wait another year.