That's how it should be, but considering how widespread this issue is and how it continues to happen after people change their passwords is evidence to suggest Warmane is storing passwords in plaintext somewhere and is being leaked constantly.
'); document.write(''); var yuipath = 'clientscript/yui'; var yuicombopath = ''; var remoteyui = false; } else // Load Rest of YUI remotely (where possible) { var yuipath = 'https://ajax.googleapis.com/ajax/libs/yui/2.9.0/build'; var yuicombopath = ''; var remoteyui = true; if (!yuicombopath) { document.write(''); } } var SESSIONURL = "s=8628c614cc14a2171b5c0a5b832f2d3c&"; var SECURITYTOKEN = "guest"; var IMGDIR_MISC = "warmane/misc"; var IMGDIR_BUTTON = "warmane/buttons"; var vb_disable_ajax = parseInt("0", 10); var SIMPLEVERSION = "422"; var BBURL = "https://forum.warmane.com"; var LOGGEDIN = 0 > 0 ? true : false; var THIS_SCRIPT = "showthread"; var RELPATH = "showthread.php?page=4&t=410112"; var PATHS = { forum : "", cms : "", blog : "" }; var AJAXBASEURL = "https://forum.warmane.com/"; var CoTTooltips = { rename: true, icons: false, iconsize: 15, qualitycolor: true, overridecolor: { spells: '#839309', items: '', npcs: '#fff', objects: '#fff', quests: '#ffb100', achievements: '#fff' } }; // -->
That's how it should be, but considering how widespread this issue is and how it continues to happen after people change their passwords is evidence to suggest Warmane is storing passwords in plaintext somewhere and is being leaked constantly.
Wrong. Password verification is done after 2FA, it's a limitation made by Blizzard when they designed the protocol.
http://forum.warmane.com/showthread....=1#post3021955
What's interesting is the varied IP addresses I'm seeing from the attempts from another user trying to get access to my account. Today I have 5 attempts in 20 min, with 4 different IP address...so this isn't a bug. Someone is using an IP spoofing tool to attack accounts to try and gain access.
I also noticed there is no use in tracking or even blocking the IP address, when using tools that hide their IP address. Fortunately I believe this person doesn't know my email address or I would have received a fake Ware mane message with a link to enter my authorization code, which would allow them to compromise my account.
The many emails I receive regularly are becoming annoying.
They can't spoof because the protocol is over TCP. They're using a proxy list and we've been blocking them as they appear.
Well as I'm logged in to the website and viewing posts, I was just hit again with a login attempt from a new hackers IP address authorization request. How are you blocking them, or are we suppose to submit the IP address to be blocked?
I have had the same IP since August, yet there have been many attempts from many other IP address trying to login.
We have logs of every successful/unsuccessful attempt. I'm not sure what system is being used but I imagine it rejects connections after X unsuccessful attempts and then further attempts get a permanent block.
You have a strong password and 2fa on. What do you care?
You can't stop people from trying to get into your account.