# It's your fault if you failed to update your electronic mail.



## Ryuu Girl (May 23, 2016)

*Disclaimer: Different opinions. This does not apply to you if you remember your information but the FA system refuses to send you a confirmation code.*
_
"But I made an accounts so people don't know I'm a furry or like porn!"_

If you cared about your account you would have ensured that you had a dedicated email with a dedicated password. There are much more serious things than pornography
_
"But I used my college email."_

Your school email is for SCHOOL.When you graduate they are no longer responsible for you or will continue to provide for you. What made you think it would last forever? It's not that hard to create another account for personal things. If anything have 2, one for business and one for yourself.

_"But I forgot."_

I bet you remembered to play your favorite game the other day. I bet you remembered to watch your favorite show the other day. I bet you remembered to check on your favorite artist profile. If you can't even remember for yourself then you never truly cared about your account.

_"I have a life, I cant remember everything."_

Reread that previous statement to yourself one more time. Set an alarm, keep a personal journal, make a reminder. We live a world where technology gives you an option so you won't forget. Hell, write a posted note. That excuse sums up how much you cared about your account.


Yes it is partially Furaffinity's fault for the lack of tightness in the security but it's your fault that your information was not kept up to date. Your information wasn't compromised the day of the hack, it was compromised when you stopped caring about your personal information being kept up to date. Please stop taking internet security so lightly.


----------



## KyrooBuck (May 23, 2016)

Ryuu Girl said:


> Yes it is *partially Furaffinity's fault *for the lack of tightness in the security


and the understatement of the year goes to....


----------



## Rabiradis (May 23, 2016)

(Yawn) let's drama begin...


----------



## Ryuu Girl (May 23, 2016)

KyrooBuck said:


> and the understatement of the year goes to....



I'm not talking about the year's altogether, I'm talking about at this time during the hack but hey I'll change it.


----------



## Ryuu Girl (May 23, 2016)

Rabiradis said:


> (Yawn) let's drama begin...



Believe it or not drama is everywhere you look.


----------



## Gem-Wolf (May 23, 2016)




----------



## Wakboth (May 23, 2016)

So, yeah. Agreed completely. While the breach is none of us users' fault (unless one of us is the asshole who used the ImageTragic exploit, spread those USB drives with the source code on them, and/or stole the password/e-mail info, in which case fuck you, you fucking fucker), it completely _is _our fault if we have not kept our e-mail addresses current. There are any number of ways to get an anonymous e-mail account -- just make a Google account, for example, and use gmail.


----------



## KyrooBuck (May 23, 2016)

Ryuu Girl, I can't tell if Rabiradis is talking to you, or me, or both. Just one of those randy posters who love to accuse everyone of drama. You said it well there. Drama is everywhere, its called life. She needs to stop being supercilious and trying to pretend her life is all roses where everyone agrees on everything. 

Though I agree on all of your points, I'm just afraid of minimizing the lethargic practices and complacent attitudes that clearly have led to this incident. Hackers may have done the damage when they invaded, but the gates for them were left rusted open with a welcome mat.

Yeah, people are upset. Their trust was breached, Dragoneer and his staff have a lot of work ahead of them to make good on the negligence. Breach of privacy hits people deeply.


----------



## Ryuu Girl (May 23, 2016)

Gem-Wolf said:


>



Brings back days when I was accused of giving computers a virus or wasn't working when I would play games or download from official trusted companies like Cartoon Network or Disney Channel.


----------



## Ryuu Girl (May 23, 2016)

KyrooBuck said:


> Ryuu Girl, I can't tell if Rabiradis is talking to you, or me, or both. Just one of those randy posters who love to accuse everyone of drama. You said it well there. Drama is everywhere, its called life. She needs to stop being supercilious and trying to pretend her life is all roses where everyone agrees on everything.
> 
> Though I agree on all of your points, I'm just afraid of minimizing the lethargic practices and complacent attitudes that clearly have led to this incident. Hackers may have done the damage when they invaded, but the gates for them were left rusted open with a welcome mat.
> 
> Yeah, people are upset. Their trust was breached, Dragoneer and his staff have a lot of work ahead of them to make good on the negligence. Breach of privacy hits people deeply.



She was responding me to definitely but I too agree that drama is not limited to one group of people. It was here before us, it will still be here after us.

I truly do feel for the people  that have personal information breached to the point that deleting the email is the only possible way of fixing things. Might as well reset everything connected to that email too.


----------



## Gem-Wolf (May 23, 2016)

You know this is gonna get locked right? There's a Mod who's gotten trigger happy with locking the threads relating to the FA login issue


----------



## Ryuu Girl (May 23, 2016)

Wakboth said:


> So, yeah. Agreed completely. While the breach is none of us users' fault (unless one of us is the asshole who used the ImageTragic exploit, spread those USB drives with the source code on them, and/or stole the password/e-mail info, in which case fuck you, you fucking fucker), it completely _is _our fault if we have not kept our e-mail addresses current. There are any number of ways to get an anonymous e-mail account -- just make a Google account, for example, and use gmail.



I can draw, make power point slides, and google my problem. That's as far as my my "hacking skillz" go.

Google has one of the best email systems I have used and the fact that you can make multiple accounts takes the cake. Unless you're signing up for every newsletter in New York Times then it shouldn't be hard to keep up with your one email address.


----------



## Ryuu Girl (May 23, 2016)

Gem-Wolf said:


> You know this is gonna get locked right? There's a Mod who's gotten trigger happy with locking the threads relating to the FA login issue



I won't be surprised honestly. I've noticed it only when there seems to be minor conflict and bickering between 2 or more parties. I am prepared to sink with my ship.


----------



## Deleted member 82554 (May 23, 2016)

Love the creative use of emoticons, very expressive, 8/10.


----------



## Ryuu Girl (May 23, 2016)

Mr. Fox said:


> Love the creative use of emoticons, very expressive, 8/10.



*I'd like to thank the academy...*


----------



## Rabiradis (May 23, 2016)

Ryuu Girl said:


> Believe it or not drama is everywhere you look.


I've prefer not to believe, because it's too complex and sad concept to me.



KyrooBuck said:


> Ryuu Girl, I can't tell if Rabiradis is talking to you, or me, or both. Just one of those randy posters who love to accuse everyone of drama


If you say so...


----------



## Khaiyote (May 23, 2016)

Quite frankly, while I see now how important this is, I didn't even know that changing the email that you created your FA with was even a possibility. Nor did I even realize that it was going to be such a big deal.


----------



## KyrooBuck (May 23, 2016)

Gem-Wolf said:


> You know this is gonna get locked right? There's a Mod who's gotten trigger happy with locking the threads relating to the FA login issue


Man I really want to hope you're wrong there.

Maybe I'm seeing the world through rose colored glasses. But I can't see why they would bother to try to censor users who are responsibly venting frustrations in a non-confrontational way (in an appropriate place). If I'm wrong, I worry for the future of the site.

I'll choose to trust that there is good judgement going on among moderators until proven otherwise incorrect.


----------



## KyrooBuck (May 23, 2016)

Rabiradis said:


> I've prefer not to believe, because it's too complex and sad concept to me.
> 
> If you say so...



1) Get used to it, it's called life. If we didn't disagree or question things, we would be in a sad state indeed.
2) I did, and do.


----------



## Rabiradis (May 23, 2016)

KyrooBuck said:


> 1) Get used to it, it's called life. If we didn't disagree or question things, we would be in a sad state indeed.
> 2) I did, and do.


1) Done.
2) Done.

Also, I thought I heard something about a thing called "irony". Did you know something about it?


----------



## KyrooBuck (May 23, 2016)

Rabiradis said:


> Also, I thought I heard something about a thing called "irony". Did you know something about it?



Would you care to point out what you're alluding to? As near as I can tell, there have been no occurrences of irony thus far.  (Beyond my use of near and far in a single, non contradictory sentence.)


----------



## Wither (May 23, 2016)

Man, we have enough threads here being completely unhelpful. We don't need one that's unhelpful _and_ being a dick about it. 


KyrooBuck said:


> Would you care to point out what you're alluding to? As near as I can tell, there have been no occurrences of irony thus far.  (Beyond my use of near and far in a single, non contradictory sentence.)


You accused them of drama.


----------



## Gem-Wolf (May 23, 2016)

KyrooBuck said:


> Man I really want to hope you're wrong there.
> 
> Maybe I'm seeing the world through rose colored glasses. But I can't see why they would bother to try to censor users who are responsibly venting frustrations in a non-confrontational way (in an appropriate place). If I'm wrong, I worry for the future of the site.
> 
> I'll choose to trust that there is good judgement going on among moderators until proven otherwise incorrect.


It's right there in front of you - just look at all the threads that have a lock icon on them. They all happened today by the same mod in the space of 30 mins


----------



## Ryuu Girl (May 23, 2016)

Wither said:


> Man, we have enough threads here being completely unhelpful. We don't need one that's unhelpful _and_ being a dick about it.
> 
> You accused them of drama.



Not everything is going to go your way. The threads aren't just for tutorials and how to's with sugar on top. If that's rude I truly wonder what you consider being a bully is. This is a thread to open people's eyes that FA is NOT responsible for those who neglected there personal information. If you can't handle the heat, stay out of the kitchen.


----------



## Wither (May 23, 2016)

Gem-Wolf said:


> It's right there in front of you - just look at all the threads that have a lock icon on them. They all happened today by the same mod in the space of 30 mins


And they were all locked because they were either needless complaining with no point OR they were closed to funnel the conversation into one thread instead of having multiple threads saying the same thing.

It was nothing personal, there's no need to get butthurt because your spam threads were locked. I realize you don't care what I have to say, but use a bit of logic before you make statements like you have been. You're making things worse, not better.

As for the people who are blindly believing in what this person has to say, I suggest you look at evidence _yourself _and make your own conclusions. Never let them or anyone else make judgements for you.


Ryuu Girl said:


> Not everything is going to go your way. The threads aren't just for tutorials and how to's with sugar on top. If that's rude I truly wonder what you consider being a bully is. This is a thread to open people's eyes that FA is NOT responsible for those who neglected there personal information. If you can't handle the heat, stay out of the kitchen.


I never called you a bully, love. 
I'm just pointing out the fact that this thread is fucking useless and doing nothing but adding fuel to a fire.


----------



## HTML (May 23, 2016)

Who refers to it as "electronic mail" anymore?


----------



## Wither (May 23, 2016)

HTML said:


> Who refers to it as "electronic mail" anymore?


People trying to sound smart and failing at it.


----------



## JaegerJpaw (May 23, 2016)

Ryuu Girl said:


> *Disclaimer: Different opinions. This does not apply to you if you remember your information but the FA system refuses to send you a confirmation code.*
> _
> "But I made an accounts so people don't know I'm a furry or like porn!"_
> 
> ...



So, here you are trying to shame people into not getting to update their e-mails. Because of something that happened UNPREDICTABLY! Like we were supposed to KNOW in advance about how the site got attacked.

Then you go on to finally blame FA for the security problem. Sorry, your thread is null and void.


----------



## Draghorn (May 23, 2016)

Personally I have sympathy for those who haven't been able to update their email.  I found out yesterday that I lost a yahoo email account because I forgot that I hadn't updated the email address associated with it.  (Thankfully it was an email I only used for as a throwaway for spammy stuff so no that big of a loss actually.)  It was still associated with an old ISP email address.  

When I was losing access to that old ISP account I tried to remember all the accounts I had associated with it.  I think I got most of them, but so far I've at least lost two accounts because I didn't remember that it was associated with it.

I don't know about you, but I have literally hundreds of accounts across the internet, with email associations split between two different email addresses at this point.  At this point if I was forced to change one of those email addresses I am certain I would loose access to something afterwards especially if it was something I don't use often.

If I still have your attention - One *big* tip I would leave you with is don't use an email associated with a revocable membership.  Basically don't use the email given with your ISP or your work email.  Because if you change ISPs or jobs then you've unwitingly screwed yourself.  I suggest using a free email address from one of the big companies like Google or Microsoft.  Those accounts seem like they are safe for the foreseeable future.  (At this point it might be a little risky relying on a Yahoo account considering the shape Yahoo is in.)

Anyway, I at least understand how this could happen to someone, especially if the account was something they didn't use all the time.  I'm with you guys.  ^_^


----------



## Ryuu Girl (May 23, 2016)

Wither said:


> People trying to sound smart and failing at it.



Or YOU could grow up and realize that I can refer to any kind of way I please.


----------



## Ryuu Girl (May 23, 2016)

JaegerJpaw said:


> So, here you are trying to shame people into not getting to update their e-mails. Because of something that happened UNPREDICTABLY! Like we were supposed to KNOW in advance about how the site got attacked.
> 
> Then you go on to finally blame FA for the security problem. Sorry, your thread is null and void.



I'm not shaming anybody. A lot of people knew that site is unstable but aside from that. I don't expect anybody to have visions about site attacks however I expect people to be more knowledgable about internet security and how easy it can be surpass it with the right resources and lack of proper protection.

Nice strawman.


----------



## Gem-Wolf (May 23, 2016)

Wither said:


> And they were all locked because they were either needless complaining with no point OR they were closed to funnel the conversation into one thread instead of having multiple threads saying the same thing.
> 
> It was nothing personal, there's no need to get butthurt because your spam threads were locked. I realize you don't care what I have to say, but use a bit of logic before you make statements like you have been. You're making things worse, not better.
> 
> As for the people who are blindly believing in what this person has to say, I suggest you look at evidence _yourself _and make your own conclusions. Never let them or anyone else make judgements for you.


----------



## Bluedraggy (May 23, 2016)

I'm actually going to just totally ignore the OP premise.  It's wrong in so many ways it doesn't deserve any response.  What I don't understand though is why KNOWING which email address I used to sign up with should be required?  Every site I use has two options - forgot password and forgot email.  You click Forgot email, enter your username, and they send an email to that address.  That's my situation.  I own a domain and thus I have access to (ANYTHING)@mydomain.com.  I have unlimited possibilities - all of which forward to my current realm address.  I made some guesses but all have been wrong so far.  Why don't they put a Forgot Email option on there?

If the concern is that accounts have been hacked and the email address changed - I hate to say it but, so what?  If my account was hacked before the password was reset, it's still hacked. The problem is, I can't reset my password without KNOWING my email address.  In fact, I'm 100% sure that if an email is sent to the address on file, it will get to me.  But I don't KNOW which it is and there's no way for me to find out or to send the code to WHATEVER that address is.

But I'll use the only alternative - I've sent a request to the address mentioned.  How they'll know it's ME requesting it though is anybody's guess.  I just don't think that knowing which email I signed up with should be a requirement.  Having it (whatever it is) be VALID does seem reasonable though.  Just my $.02.  Patiently awaiting the fix.  Interestingly, I DID check to see what email address was on this Forum account.  Apparently it's not the same as at the main site though since it still says it's not right.


----------



## Wither (May 23, 2016)

Bluedraggy said:


> I'm actually going to just totally ignore the OP premise.


It's a pretty easy task as they just deleted all of their posts. 

Now this thread just looks disjointed and weird :v


----------



## jrfan98 (May 23, 2016)

Gem-Wolf said:


>


That's the funniest thing I've seen all day!  Thank you for making my day!


----------



## JaegerJpaw (May 23, 2016)

Ryuu Girl said:


> I'm not shaming anybody. A lot of people knew that site is unstable but aside from that. I don't expect anybody to have visions about site attacks however I expect people to be more knowledgable about internet security and how easy it can be surpass it with the right resources and lack of proper protection.
> 
> Nice strawman.



Telling people it's their fault they didn't do something they couldn't predict? Nice hypocrisy.

Again, your expectations and when things actually happen don't coincide well.


----------



## Ryuu Girl (May 23, 2016)

JaegerJpaw said:


> Telling people it's their fault they didn't do something they couldn't predict? Nice hypocrisy.
> 
> Again, your expectations and when things actually happen don't coincide well.




Even if the attack wasn't going to happen, you should have your email updated. It's not being a hypocrite you're trying to twist it into one but hey if the shoe fits, war them.

Funny how you made an account to respond to this.


----------



## Gem-Wolf (May 23, 2016)

Ryuu Girl said:


> Even if the attack wasn't going to happen, you should have your email updated. It's not being a hypocrite you're trying to twist it into one but hey if the shoe fits, war them.
> 
> Funny how you made an account to respond to this.


I agree, keeping email address up to date is just common sense really. It's something I do automatically though


----------



## Ryuu Girl (May 23, 2016)

Draghorn said:


> Personally I have sympathy for those who haven't been able to update their email.  I found out yesterday that I lost a yahoo email account because I forgot that I hadn't updated the email address associated with it.  (Thankfully it was an email I only used for as a throwaway for spammy stuff so no that big of a loss actually.)  It was still associated with an old ISP email address.
> 
> When I was losing access to that old ISP account I tried to remember all the accounts I had associated with it.  I think I got most of them, but so far I've at least lost two accounts because I didn't remember that it was associated with it.
> 
> ...



I highly appreciate your thoroughly planned response. A lot of points you make I can definitely agree with.  I use Google for business and yahoo for personal stuff, and I can remember when I needed to make an account in order to access a game but somehow Yahoo was rejecting it  to the point it wasn't showing in any of my folders not even the spam. Google all the way.


----------



## Ryuu Girl (May 23, 2016)

Gem-Wolf said:


> I agree, keeping email address up to date is just common sense really. It's something I do automatically though



I apprecaite the response. I blocked him but it's obvious they could not grasp the concept that updating personal information as well as changing is critical in todays digital world.


----------



## Quilmeleon (May 23, 2016)

Ryuu Girl said:


> *Disclaimer: Different opinions. This does not apply to you if you remember your information but the FA system refuses to send you a confirmation code.*
> _
> "But I made an accounts so people don't know I'm a furry or like porn!"_
> 
> ...




Considering I use the same email for every furry site I am on, its weird I get this error message on FA and FA only. While it was in Read-Only mode I confirmed this as I always do when FA is hacked or crashes. Considering its happening to a lot of others I know who own only one email address, its a glitch in the system and not user fault in this scenario. Was no need for a full password wipe across the site. If I did this my employer would fire me for causing confusion.


----------



## JaegerJpaw (May 23, 2016)

Quilmeleon said:


> Considering I use the same email for every furry site I am on, its weird I get this error message on FA and FA only. While it was in Read-Only mode I confirmed this as I always do when FA is hacked or crashes. Considering its happening to a lot of others I know who own only one email address, its a glitch in the system and not user fault in this scenario. Was no need for a full password wipe across the site. If I did this my employer would fire me for causing confusion.



Well, it's FA. IMVU came in with hopes to acquire a furry audience to come into their camp. And not keep the slacking staff on their toes, that's for sure.


----------



## Wakboth (May 23, 2016)

Quilmeleon said:


> Considering I use the same email for every furry site I am on, its weird I get this error message on FA and FA only. While it was in Read-Only mode I confirmed this as I always do when FA is hacked or crashes. Considering its happening to a lot of others I know who own only one email address, its a glitch in the system and not user fault in this scenario. Was no need for a full password wipe across the site. If I did this my employer would fire me for causing confusion.


Yeah, if it's a valid e-mail account that FA just doesn't accept, that's not on you. But there have been so many people talking about how they don't remember the account they used, or how it's long dead, or was a temporary one in the first place. They did screw up.


----------



## DravenDonovan (May 23, 2016)




----------



## nerdbat (May 23, 2016)

If you're an active Internet user, trying to keep everything on every profile for every site up to date is a sure way to become crazy - it's understandable that many people don't consider changing e-mail on some furry website all that important, since the only advantage it gives is to restore the password you know too well to forget, and occasionally receive some useless update news you don't need. It's totally _Furaffinity's_ fault for not stating the importance of changing the mail before force resetting every password without any warning - in fact, even a simple "guys, re-check your mail, or y'all lose your accounts soon, duh" message would do. It should be a freaking common sense on side of FA's staff (or any social network staff for that matter), and with all my respect to their hard work and willingness to resolve the issue, let's be honest and objective - they kinda screwed up on that one.


----------



## Nemnth (May 23, 2016)

I would rather not post my opinion on such a thread like this, but I feel as if you are more bashing people than trying to help them.
I forgot what email I used to sign up myself, I had to get it changed, which thanks to the admins for the help!
But it's ridiculous to be ranting about this in the first place.

Yes, I forgot my email in which I used for FA and I take responsibility, and to say I don't care about my account for that matter is an incredibly ridiculous claim. But there is for no reason why you should be creating a thread to rant about others having issues. At least, that's how I'm decoding this thread. 

Yes, it was their fault, as in people who forgot their emails, but a lot of people have outside lives and really can't afford to spare the time to constantly update their emails or what-not. I wasn't even aware that I used a completely different email before than the one I'm using now.


----------



## Dragonley (May 23, 2016)

Ryuu Girl said:


> *Disclaimer: Different opinions. This does not apply to you if you remember your information but the FA system refuses to send you a confirmation code.*
> _
> "But I made an accounts so people don't know I'm a furry or like porn!"_
> 
> ...




Preach it, girl. Preach!


----------



## WingDog (May 23, 2016)

My email was up to date, it wasn't one I used very often, but that shouldn't matter, the email is still active and yet I still can't get a code to reset my password. FA should have left it up to us to change our passwords ourselves. Now I'm unable to get into my account because of it. I take no blame for the stupidity of FA's decision making skills.


----------



## Quilmeleon (May 23, 2016)

Wakboth said:


> Yeah, if it's a valid e-mail account that FA just doesn't accept, that's not on you. But there have been so many people talking about how they don't remember the account they used, or how it's long dead, or was a temporary one in the first place. They did screw up.



I received my email and apparently was same as I sent to accounts@furaffinity.net from. Errors happen I am not upset about that. Again a forced password change would been better than a full wipe.


----------



## Quilmeleon (May 23, 2016)

JaegerJpaw said:


> Well, it's FA. IMVU came in with hopes to acquire a furry audience to come into their camp. And not keep the slacking staff on their toes, that's for sure.




I have and will never use IMVU. Already too many social media sites to track and still have a life x3


----------



## DravenDonovan (May 24, 2016)

nerdbat said:


> If you're an active Internet user, trying to keep everything on every profile for every site up to date is a sure way to become crazy - it's understandable that many people don't consider changing e-mail on some furry website all that important, since the only advantage it gives is to restore the password you know too well to forget, and occasionally receive some useless update news you don't need. It's totally _Furaffinity's_ fault for not stating the importance of changing the mail before force resetting every password without any warning - in fact, even a simple "guys, re-check your mail, or y'all lose your accounts soon, duh" message would do. It should be a freaking common sense on side of FA's staff (or any social network staff for that matter), and with all my respect to their hard work and willingness to resolve the issue, let's be honest and objective - they kinda screwed up on that one.



Actually they did give a warning.  They had the warning up all week, since the site first came back up, advising people to change their emails and passwords since the hackers may have access to them.  Later on, right before they set it to ROM, they confirmed that the hackers did in fact have access to our passwords and emails and told people they needed to reset them before deciding a 'force reset' was needed.  
It was where it now says 'administer notice' on FA


----------



## nerdbat (May 24, 2016)

DravenDonovan said:


> Actually they did give a warning.  They had the warning up all week, since the site first came back up, advising people to change their emails and passwords since the hackers may have access to them.  Later on, right before they set it to ROM, they confirmed that the hackers did in fact have access to our passwords and emails and told people they needed to reset them before deciding a 'force reset' was needed.
> It was where it now says 'administer notice' on FA



There was something akin to recommendation, related specifically to the passwords. I decided not to change mine, since it's specific to the site anyway. Judging by how many people lost their accounts, I wasn't the only one. The primary problem I see is that nobody was warned about force resetting. If they openly said that "we'll reset your passwords soon", that would be a good reason for users to hurry up and update the info, and then you could blame them for not doing so. If you own a relatively big social network, never make such radical decisions without mentioning the userbase about it beforehand, or you can end up with days of crap to dig, which is exactly what happened.


----------



## HTML (May 24, 2016)

nerdbat said:


> There was something akin to recommendation, related specifically to the passwords. I decided not to change mine, since it's specific to the site anyway. Judging by how many people lost their accounts, I wasn't the only one. The primary problem I see is that nobody was warned about force resetting. If they openly said that "we'll reset your passwords soon", that would be a good reason for users to hurry up and update the info, and then you could blame them for not doing so. If you own a relatively big social network, never make such radical decisions without mentioning the userbase about it beforehand, or you can end up with days of crap to dig, which is exactly what happened.


The problem with that is it then becomes a race. There would be a chance of the hackers getting into the accounts before the owner does, possibly by the way of a bot (think massive account takeovers). I think it's a tricky situation that requires a lot of thinking before taking any sort of drastic action. They could maybe limit password changes to the same IP as the last logged in session of the account, but people with dynamic IPs might be SOL.


----------



## Boha (May 24, 2016)

personally I must say, that the site makes it easy to forget that you even have an email adress assigned to your user ^^
I mean you don't get any notifications or anything (Which also is something great, as other sites spam you with changes on the site or new features, that you don't need). But slowly over the years you forget to care about your email here (My account is now 10 years old).

I think that there is a simple way to prevent this from happening next time. The users should use their email address to login. With this, the email would be more in the focus of the users. And that you would forget your Nickname, because you don't use it anymore for logins, is not so likely.


----------



## Delta (May 24, 2016)

DravenDonovan said:


> Actually they did give a warning.  They had the warning up all week, since the site first came back up, advising people to change their emails and passwords since the hackers may have access to them.  Later on, right before they set it to ROM, they confirmed that the hackers did in fact have access to our passwords and emails and told people they needed to reset them before deciding a 'force reset' was needed.
> It was where it now says 'administer notice' on FA



Thats nice for people who visit the site everyday. Some of us have lives, I myself was on out of town during the brunt of the attack - I know a few people who were also out and away and FA is a source of income for them. If you're going to wipe a password database - which shouldn't happen - like ever, its absolutely imperative that your recovery system is on point - FA's is not. 

OP and like-minded posters want to through the blame on to users when FA only requires you use your email address once in your entire time on the site, when you first sign up. Most of us have had our accounts for years and not once has FA made use of email addresses. Now their security is compromised and all of a sudden these cobweb ridden tidbits of information that haven't seen the light of day since you first signed up are the keys to getting back into your account. Even small, near free forum sites make use of your email address with notifications. Its not the users fault for forgetting to change their emails on a site that doesn't make use of that information.


----------



## NiGHTS4life (May 24, 2016)

The second time I contacted FA via email I just got a message saying it was delayed.  I'll never get my old account back.


----------



## GreenReaper (May 24, 2016)

Twitter, Facebook, and even Tapestries MUCK remind you on a regular basis that having an up-to-date email address is important. It's probably something furry websites should do, too.


----------



## Verin Asper (May 24, 2016)

DravenDonovan said:


> Actually they did give a warning.  They had the warning up all week, since the site first came back up, advising people to change their emails and passwords since the hackers may have access to them.  Later on, right before they set it to ROM, they confirmed that the hackers did in fact have access to our passwords and emails and told people they needed to reset them before deciding a 'force reset' was needed.
> It was where it now says 'administer notice' on FA


ACTUALLY
no they didnt
The only thing they mentioned about Passwords when the site first came up is that they advised folks to change their passwords as they DO NOT KNOW that the folks who attacked the site may have taken also user information of emails and passwords. They THEN at the bottom stated "yes your password was protected by hashing and salting (that turned out to not be true). We were told "maybe you should chance your password" then two days later they put the site into Read only mode meaning we couldnt change our password nor update the email...

The only reason I turned out fine is cause I had a friend who did see the messages went and double check if my set emails are the ones I heavily used (I currently use 10 different emails) since I was spending most of my time at work and and sleeping in cause I was sick.
Then theres the thing of what many users do is "visit the site on a specific day" which my specific day to visit FA is Monday, then on friday (cause friday is the common day many artist open for commissions cause paydays tend to fall on thursdays and fridays) So I was away for the first update and only saw the Read only Mode update.


----------



## DravenDonovan (May 24, 2016)

I meant no offense to my statements.  Should direct your comments to the original post of this thread for it was they who said, "Forgetting isn't an excuse"


----------



## modfox (May 24, 2016)

Dragonley said:


> Preach it, girl. Preach!


since when did this become a church


----------



## Mikazuki Marazhu (May 24, 2016)

modfox said:


> since when did this become a church


FA is the church and Dragoneer is their Lord and Savior


----------



## RyumaruBorike (May 24, 2016)

DravenDonovan said:


> Actually they did give a warning.  They had the warning up all week, since the site first came back up, advising people to change their emails and passwords since the hackers may have access to them.  Later on, right before they set it to ROM, they confirmed that the hackers did in fact have access to our passwords and emails and told people they needed to reset them before deciding a 'force reset' was needed.
> It was where it now says 'administer notice' on FA


They gave a two day warning to update your password (which I did) but said nothing about emails before putting the site in read only then doing a forced wipe, not letting anyone get a chance to see if their emails were up to date.


----------



## Dragonley (May 25, 2016)

modfox said:


> since when did this become a church



Lmfao the fandom is practically already a church itself of furry dick. You furries worship anything with a red rocket.


----------



## keeshah (May 25, 2016)

strange how this trolling thread remains unlocked. 
While all the threads asking legitimate questions about how the the wait might be before there emails are replied too get summarily locked.


----------



## Delta (May 25, 2016)

keeshah said:


> strange how this trolling thread remains unlocked.
> While all the threads asking legitimate questions about how the the wait might be before there emails are replied too get summarily locked.


IMVU might own FA, but the same kind of people still moderate it.
If you're ever unsure or just aren't familiar with the way things work around here, FA and FAF run on a policy of "Silence anything that highlights mistakes or incompetence, always allow for ball-fondling regardless of relevance."
The multitude of threads asking about email disassociation with accounts shows how widespread the effects of this lapse in judgement are.
Threads like this one, however, take the heat off of staff and turns our discontent toward each other instead.
In short, this thread has made for a perfect distraction - furries would much rather yell at each other than inquire on an issue that *prevents them from using the site*.


----------



## All#the#fuR (May 25, 2016)

modfox said:


> since when did this become a church



Since we all moved to Texas


----------



## Wakboth (May 25, 2016)

keeshah said:


> strange how this trolling thread remains unlocked.
> While all the threads asking legitimate questions about how the the wait might be before there emails are replied too get summarily locked.


Probably because they proliferate like weeds, and the best answer that can be given is "It takes as long as it takes, sorry."

Also, this is not a trolling thread. It's a bit aggressive, sure, but ultimately if you don't have a functioning e-mail listed on FA, it really is your own fault.


----------



## Gem-Wolf (May 25, 2016)

keeshah said:


> strange how this trolling thread remains unlocked.
> While all the threads asking legitimate questions about how the the wait might be before there emails are replied too get summarily locked.


Yeah..plus i cannot believe he locked the ONLY thread that users could advise each other on responses from the accounts@furaffinity.net email. That was a HARMLESS thread and did not need to be locked. 

Has anyone noticed that its the same mod who is doing all the locking? I even got a "warning" for a harmless Einstein meme.


----------



## DravenDonovan (May 25, 2016)

keeshah said:


> strange how this trolling thread remains unlocked.
> While all the threads asking legitimate questions about how the the wait might be before there emails are replied too get summarily locked.


I really wouldn't call this trolling.  I mean honestly the drama here isn't that bad xD It's not like some of the other threads that got locked.  People were seriously down each other's throats.  Even people who replied to try and help got insulted.  
This thread just speaks truth that some people don't want to hear.  When you create an account, on any site, you provide an email for the 'just in case' moment that you forget your password, or that someone hacks your account and changes it, or a password reset is necessary.  It's a security measure from which we, the account owners, are responsible for.  If we don't take it seriously, it isn't anyone's fault but our own.  Even in this case, where FA didn't let anyone know to check their emails.  It isn't up to them to remind us to keep things up to date.


----------



## Ryuu Girl (May 25, 2016)

keeshah said:


> strange how this trolling thread remains unlocked.
> While all the threads asking legitimate questions about how the the wait might be before there emails are replied too get summarily locked.



Trolling =/= opinions


----------



## Dragonley (May 25, 2016)

People get so butthurt over everything. You can cough here and people will throw a tantrum.


----------



## nerdbat (May 26, 2016)

Dragonley said:


> People get so butthurt over everything. You can cough here and people will throw a tantrum.


I can't agree more! People need to calm down, it's just getting their mail/password info dumped to some hacker and losing their accounts for no good reason!
..I mean, come on, don't be silly. Problems were stacking up more and more since the attack. People tried to be calm about it on forums, but then more and more crap started happening in a row. Some of them put a lot of money into donations for the site in the past and got this clusterbutt in return, some lost a lot of potential YCH and commision clients. It's not like everybody got pissed on this subforum in one night, after all.


----------



## Dragonley (May 26, 2016)

nerdbat said:


> I can't agree more! People need to calm down, it's just getting their mail/password info dumped to some hacker and losing their accounts for no good reason!
> ..I mean, come on, don't be silly. Problems were stacking up more and more since the attack. People tried to be calm about it on forums, but then more and more crap started happening in a row. Some of them put a lot of money into donations for the site in the past and got this clusterbutt in return, some lost a lot of potential YCH and commision clients. It's not like everybody got pissed on this subforum in one night, after all.



Maybe people should donate money to things that actually matter in this world instead of a site that has a lot of controversy behind it. :V


----------



## nerdbat (May 26, 2016)

Dragonley said:


> Maybe people should donate money to things that actually matter in this world instead of a site that has a lot of controversy behind it. :V


Probably, but it's their hard-earned money after all - in the end people can spend the money they work their ass for on anything they want. In current case, all they wanted is a stable, secured community, but well... I'm kinda glad I didn't donate anything since 2008 c:


----------



## DravenDonovan (May 26, 2016)

Any site can be hacked.  No matter the security.  If the right person wants to hack it.  Hell, DeviantArt isn't a non-profit oginization and people's accounts get hacked on a daily bases.  
Besides, no matter how they chose to handle the situation, the same people would have found a reason to bitch about it *shrugs*


----------



## nerdbat (May 27, 2016)

DravenDonovan said:


> Any site can be hacked.  No matter the security.  If the right person wants to hack it.  Hell, DeviantArt isn't a non-profit oginization and people's accounts get hacked on a daily bases.


Isn't really the same thing - when people's accounts get hacked, it's usually people who screw up at securing them properly (using stock passwords, giving info to third party, etc.) - for example, there's no way to directly hack DA account from inside the site, and the site itself is well secured. When whole social network is getting stolen, that's a whole different story.


----------



## DravenDonovan (May 27, 2016)

nerdbat said:


> Isn't really the same thing - when people's accounts get hacked, it's usually people who screw up at securing them properly (using stock passwords, giving info to third party, etc.) - for example, there's no way to directly hack DA account from inside the site, and the site itself is well secured. When whole social network is getting stolen, that's a whole different story.


True, but that still doesn't deflect the statement that 'any site can be hacked'.  If the right person has reason enough too.


----------



## nerdbat (May 27, 2016)

DravenDonovan said:


> True, but that still doesn't deflect the statement that 'any site can be hacked'.  If the right person has reason enough too.


There's no deny that "any site can be hacked" - it's just that "any good site owner should be responsible as hell for its security". That's why many popular websites are getting to seemingly ridiculous degrees in terms of protecting everything, to the point of being near-impenetrable - because if you lose your own info to a hacker, then you're the only one who's screwed, but if you lose a whole database to a hacker, everybody on the site is screwed, and you're the one who's guilty for letting that happen.


----------



## ChromaticRabbit (May 28, 2016)

I think the concept of "fault" is going too far, but if we must discuss fault, let's discuss furaffinity's fault for not allowing me to change my own password _prior_ to the mass-change imposed upon my account without warning.

Here's another irony: I want to change my forum associated email to my current e-mail address, but the forum software refuses to allow me when I provide it and my password, returning the following error: "Email addresses must be unique. The specified email address is already in use."

I have no idea what it's referring to, but I offered it the correct current e-mail. Is that also MY fault, and what am I supposed to do now, _eat cake_? Will someone then tell me again it's somehow _my_ fault that I didn't change the e-mail address associated with my forum account, even though I tried and was not permitted to do so?

_Please._ Who are you trying to kid?


----------



## HTML (May 28, 2016)

ChromaticRabbit said:


> I think the concept of "fault" is going too far, but if we must discuss fault, let's discuss furaffinity's fault for not allowing me to change my own password _prior_ to the mass-change imposed upon my account without warning.
> 
> Here's another irony: I want to change my forum associated email to my current e-mail address, but the forum software refuses to allow me when I provide it and my password, returning the following error: "Email addresses must be unique. The specified email address is already in use."
> _Please._ Who are you trying to kid?


I'm not sure how they could've allowed people to change their passwords without the possibility of giving the hackers ample time to do a massive takeover of accounts.

That is kind of strange. I'd expect unique emails to only be a sign-up requirement since it doesn't make much sense if the account is already verified.


----------



## DravenDonovan (May 28, 2016)

ChromaticRabbit said:


> I think the concept of "fault" is going too far, but if we must discuss fault, let's discuss furaffinity's fault for not allowing me to change my own password _prior_ to the mass-change imposed upon my account without warning.
> 
> Here's another irony: I want to change my forum associated email to my current e-mail address, but the forum software refuses to allow me when I provide it and my password, returning the following error: "Email addresses must be unique. The specified email address is already in use."
> 
> ...



Who was talking about the 'forum' email in this thread, other than yourself?  We're talking about failing to keep your email up-to-date on FA a fault of the user, not the Forum.  If it's a case where a site won't allow you to change said email, that's a different matter all together, and you should notify an admin to help?
Also, even if they had allowed you to change your password prior to the mass forced password reset, you would have had to change it again anyways.


----------



## DravenDonovan (May 28, 2016)

HTML said:


> I'm not sure how they could've allowed people to change their passwords without the possibility of giving the hackers ample time to do a massive takeover of accounts.
> 
> That is kind of strange. I'd expect unique emails to only be a sign-up requirement since it doesn't make much sense if the account is already verified.


I think it's referring to not being able to use the same email twice.  Meaning the site is trying to say the new email they are trying to switch out from their old email is already in use on the site.


----------



## ChromaticRabbit (May 28, 2016)

HTML said:


> I'm not sure how they could've allowed people to change their passwords without the possibility of giving the hackers ample time to do a massive takeover of accounts.
> 
> That is kind of strange. I'd expect unique emails to only be a sign-up requirement since it doesn't make much sense if the account is already verified.


In truth, there's no perfect answer-- it's usually best to store passwords in a manner that limits impact if the password hashtext is exfiltrated, but even SHA512 hashes will be vulnerable to dictionary-based attacks, and short simple non-dictionary passwords to brute force. Mix a few GPUs into the effort and accounts will rapidly fall. Has FA followed up with suitable password complexity requirements and password hash strength behind-the-scenes on a going-forward basis to limit impacts if this problem reoccurs? 

I can only suppose I set up another forum account long ago and promptly abandoned it, but now it may be tying up my efforts to associate my live e-mail account with this forum account (the old one belongs to a TLD that no longer exists). Perhaps I should just implement my domain's SMTP service again and abandon gmail once more... As if I really needed another reason to, google mines _me_ for gold.


----------



## ChromaticRabbit (May 28, 2016)

DravenDonovan said:


> Who was talking about the 'forum' email in this thread, other than yourself?


 Who distinguishes between their FA account and their FA Forum account? Isn't it reasonable to conflate the two, even if they are technically separate? Anyway, it's not a huge deal, though I would expect many or most FA Forum users in fact used the same usernames and passwords as they did on FA, so it mystifies me that one was mass-changed and the other completely ignored, but, hey, here I am as a consequence.


----------



## DravenDonovan (May 28, 2016)

ChromaticRabbit said:


> Who distinguishes between their FA account and their FA Forum account? Isn't it reasonable to conflate the two, even if they are technically separate? Anyway, it's not a huge deal, though I would expect many or most FA Forum users in fact used the same usernames and passwords as they did on FA, so it mystifies me that one was mass-changed and the other completely ignored, but, hey, here I am as a consequence.



I was just saying that the thread's focus is on the issue with the FA site, not the forum.  So no one was calling anyone out on not being able to change their email on another site.  Yes, this forum is tied to the initial site, but unless you have vital information listed somewhere on your account here, it isn't necessary.
There isn't any need to change your email, unless said email is inaccessible.  Changing the password to your email, if the same email is used that you used on FA is a different matter.  Some emails require you to use your phone number, for some unbeknownst reason, and people who did use the same password on their email and have their email hacked, too, are getting rather threatening phone calls.  
  Also a lot of commission artist on FA have their PayPal info on their site, too, and if they happened to use the same password for that are at a huge risk at losing money.  I believe I heard a rumor one person, at least, had $200 taken out of their account.  
  The situation is a lot worse than how they made it sound to be, so if you do have any vital info with the same password, I'd be changing it.  Also don't look at any strange emails from random people, either.  
  Yes, it's stupid to use the same email for everything, and yes that is soly the individual's fault if other accounts get hacked for that reason.


----------



## Jaegeralus (May 28, 2016)

DravenDonovan said:


> I was just saying that the thread's focus is on the issue with the FA site, not the forum.  So no one was calling anyone out on not being able to change their email on another site.  Yes, this forum is tied to the initial site, but unless you have vital information listed somewhere on your account here, it isn't necessary.
> There isn't any need to change your email, unless said email is inaccessible.  Changing the password to your email, if the same email is used that you used on FA is a different matter.  Some emails require you to use your phone number, for some unbeknownst reason, and people who did use the same password on their email and have their email hacked, too, are getting rather threatening phone calls.
> Also a lot of commission artist on FA have their PayPal info on their site, too, and if they happened to use the same password for that are at a huge risk at losing money.  I believe I heard a rumor one person, at least, had $200 taken out of their account.
> The situation is a lot worse than how they made it sound to be, so if you do have any vital info with the same password, I'd be changing it.  Also don't look at any strange emails from random people, either.
> Yes, it's stupid to use the same email for everything, and yes that is soly the individual's fault if other accounts get hacked for that reason.



Never in my time on the net has a phone number, moreso a cell one, has been required to register on almost anything. Google's GMail is the only one I know of where it's not required. The only possible defenses I can come up with as to why a number at all is needed is:

A) Slows down abusive users from registering so quickly to bypass bannings from some sites. This is defeated however, if the user is IP-banned, then it wouldn't really matter. Unless of course, you refresh your IP and repeat the process.
B) Password-recovery purposes.

I honestly do think though that e-mail services are carelessly setting up their users to be traced and harassed if e-mailing doesn't work.

It is important to have two e-mails in this day and age from nefarious schemes. You have one e-mail strictly to register whatever you want to on it. But you have another e-mail, strictly for online job applications that require signing up and additionally, paypal.

The other thing is that we've been advised for years from security experts that passwords should not be so simple to guess. The users should know better by now and it's hard for me to be sympathetic to those who don't heed that advice. All of my passwords simply gibberish between letters and numbers. People may say "well, that's too hard to remember..." um, it isn't if you know how to document it AND keystroke memory. That's how I remember mine is by their keystrokes. I never want to make a password that doesn't have a keystroke smooth and fluid.


----------



## Willow (May 31, 2016)

>electronic mail 

Jesus Christ OP how old are you? 60?


----------



## Dalamin (Jun 1, 2016)

I created my account in early 2006, over 10 years ago, with a yahoo account that fucked up about 4 years ago. At one point I had to reset the password every week, and eventually daily, until I lost all access to it. 
FA however never used my email for anything and I didn't even realize I could change the email that I had registered, so when I made a Gmail account I just went about my normal routine, never expecting to NEED my old yahoo email. I still used FA on a regular basis. I watch hundreds of artists and browse and comment on a near daily basis. 

I have now contacted accounts[at]furaffinity.net twice since the password reset (with my full information, account name, old email address, situation) with no reply. I feel like I'm never going to get my old account back and I might as well just make a new one. But again, I've had this account for over 10 years now. I'm pretty attached to it and just throwing it away feels pretty wrong and blatantly unnecessary considering how easily this could be fixed if I just got a reply... 

I'm sorry if some people think we're idiots for not keeping all of our information meticulously up to date, but remember the saying: Out of sight, out of mind.


----------



## Jaegeralus (Jun 1, 2016)

Dalamin said:


> I created my account in early 2006, over 10 years ago, with a yahoo account that fucked up about 4 years ago. At one point I had to reset the password every week, and eventually daily, until I lost all access to it.
> FA however never used my email for anything and I didn't even realize I could change the email that I had registered, so when I made a Gmail account I just went about my normal routine, never expecting to NEED my old yahoo email. I still used FA on a regular basis. I watch hundreds of artists and browse and comment on a near daily basis.
> 
> I have now contacted accounts[at]furaffinity.net twice since the password reset (with my full information, account name, old email address, situation) with no reply. I feel like I'm never going to get my old account back and I might as well just make a new one. But again, I've had this account for over 10 years now. I'm pretty attached to it and just throwing it away feels pretty wrong and blatantly unnecessary considering how easily this could be fixed if I just got a reply...
> ...



Agreed. I'd be more concerned remembering what my work schedule is like than "oh my god! this furry art community is hacked and my e-mail/password is in danger! OH NOES!" comparatively.

I, too, have contacted that e-mail a couple times at best with the e-mail I'm currently using. Why the simple task of maybe automatically re-setting my e-mail to the new one than keeping the one that's deactivated is beyond their comprehension or capability for this FA staff is beyond me to understand.

I do not wish to make a new FA, even though I did, but it's moreso to collect free commissions from artists who don't know that I intend on paying them something for awesome work done. Once all that is done with, FA can just be a forgotten memory for all I care. I see others telling people to just move on and make a new account and live with it. Why? so ANOTHER attack can happen, non predictably, site is set in read only mode that prevents you from changing information all again? No. Thanks.


----------

