Just got logged in automatically as another user? Page 2

  • Page

    of 3 First / Last

  • graysonavich 17 Jun 2013 10:10:29 7,385 posts
    Seen 7 hours ago
    Registered 5 years ago
    Take the hint.
  • AcidSnake 17 Jun 2013 10:17:15 7,326 posts
    Seen 12 hours ago
    Registered 9 years ago
    Yeah, got logged out here as well...

    AcidSnake - He can't see your sig, avatar, images or vids and talks about himself in the third person because he's proper old-skool...UID 24017

  • Deleted user 17 June 2013 10:38:08
    It's very disconcerting every time I get logged out (which is frequently) knowing that it could be because someone else has logged in under my profile.

    This is a pretty major issue. Would be nice to know it's one that has been acknowledged and is being fixed given it's a security thing.
  • neilka Funniest Forumite, 2014 17 Jun 2013 10:41:49 16,825 posts
    Seen 6 hours ago
    Registered 9 years ago
    Yewtree server raid I reckon

    AVOID

  • DFawkes 17 Jun 2013 10:47:14 24,709 posts
    Seen 8 hours ago
    Registered 9 years ago
    FRAUD ACTIONS! Though in all seriousness there are real legal implications on having a security flaw such as this. Not that I care in the slighest, I don't have anything I'd regard as secure on EG. If I did care I wouldn't be using the worlds least secure password. No, not "password" or "12345" or anything like that.

    Oh for goodness sake, I've caught my scrotum in my zip again - Margaret Thatcher, 1986

  • Deleted user 17 June 2013 10:47:55
    I've been logged out twice now, would be very amusing were someone to read my pms.

    Pretty major technical issue though?
  • BillMurray 17 Jun 2013 10:49:22 8,034 posts
    Seen 9 hours ago
    Registered 6 years ago
    Yup, got logged out here also.
  • nickthegun 17 Jun 2013 10:50:03 62,204 posts
    Seen 7 hours ago
    Registered 9 years ago
    Choppi wrote:
    would be very amusing were someone to read my pms.
    Hairyarse pretty much tells us all what they say anyway.

    ---------------------------------------------------------
    My man gives real loving that's why I call him Killer
    He's not a wham-bam-thank-you-ma'am, he's a thriller

  • DFawkes 17 Jun 2013 10:51:06 24,709 posts
    Seen 8 hours ago
    Registered 9 years ago
    Don't worry folks, EG are registered with the ICO so will keep our information safe as houses :)

    Edited by DFawkes at 10:52:05 17-06-2013

    Oh for goodness sake, I've caught my scrotum in my zip again - Margaret Thatcher, 1986

  • graysonavich 17 Jun 2013 10:58:11 7,385 posts
    Seen 7 hours ago
    Registered 5 years ago
    Oh noes PMs. Someone else could take advantage to all those Sony offers I get spammed with.
  • glaeken 17 Jun 2013 10:59:30 11,328 posts
    Seen 14 hours ago
    Registered 10 years ago
    It happened to me yesterday from my home machine. It logged me in as some user who had only ever made 1 post. Pretty weird.
  • Mr_Sleep 17 Jun 2013 11:11:43 17,590 posts
    Seen 6 hours ago
    Registered 13 years ago
    I was logged out this morning as well.

    You are a factory of sadness.

  • Salaman 17 Jun 2013 11:12:44 19,973 posts
    Seen 8 minutes ago
    Registered 11 years ago
    Booo. I was logged out and I was half hoping to land in someone else's account then.
  • mrpon 17 Jun 2013 11:12:58 29,989 posts
    Seen 9 hours ago
    Registered 8 years ago
    Also logged out.

    Give me $10 I'm worth it.

  • Deleted user 17 June 2013 11:13:44
    yeah same here, but also my orange account too.. and my your oragne doesn't seem to work...

    /paranoid
  • TheSaint 17 Jun 2013 11:13:45 15,101 posts
    Seen 6 hours ago
    Registered 9 years ago
    glaeken wrote:
    It happened to me yesterday from my home machine. It logged me in as some user who had only ever made 1 post. Pretty weird.
    How many have they made now?
  • glaeken 17 Jun 2013 11:17:53 11,328 posts
    Seen 14 hours ago
    Registered 10 years ago
    I failed to take advantage of the situation. I had no idea it was a general thing until I saw this thread. Actually I don't think I care enough about this forum to need to take advantage of temporary anonymity.
  • craigy Staff 17 Jun 2013 11:21:00 8,112 posts
    Seen 1 hour ago
    Registered 8 years ago
    Hello everyone,

    Apologies for the delay in responding to this thread. We've been looking into the problem and I can report the following:

    - During the Microsoft E3 livetext, our servers were under considerable pressure. We had a team on hand all night to tweak server configurations to keep the site working.

    - At one point a new Varnish (https://www.varnish-cache.org/about) configuration was deployed to our live servers which incorrectly supplied an authentication cookie for a single user account to all page requests. This meant several people were logged on as a single user named "BulletApe".

    - This problem was quickly spotted, and a new Varnish config was deployed to stop the problem from spreading to more users.

    - The issue affected any users who made page requests between 23:12 and 23:24 on 10th June. Everyone else remains unaffected.

    - This morning I decided to globally invalidate all active logins to force everyone out of the single account. This means you would have been logged out earlier this morning. Sorry about that.

    - The small number of users who were logged in as BulletApe had no access to his password, but could have edited his profile and posted as him.

    Obviously this sort of thing should not happen, and we're reviewing our live deployment process to try and catch this sort of mistake before it happens again. If you want any more information, please feel free to ask.

    Thanks, Craig
  • DFawkes 17 Jun 2013 11:24:21 24,709 posts
    Seen 8 hours ago
    Registered 9 years ago
    Nicely done then Craigy, thanks for the info :)

    Oh for goodness sake, I've caught my scrotum in my zip again - Margaret Thatcher, 1986

  • neilka Funniest Forumite, 2014 17 Jun 2013 11:24:37 16,825 posts
    Seen 6 hours ago
    Registered 9 years ago
    DAMN YOU BULLETAAAAAAAAAAAAAAAAAAAPE

    AVOID

  • monkehhh 17 Jun 2013 11:26:32 3,615 posts
    Seen 7 hours ago
    Registered 6 years ago
    Thanks Craigy, group hug?
  • b0rk 17 Jun 2013 11:26:37 3,127 posts
    Seen 6 hours ago
    Registered 9 years ago
    Is this the real life?
  • neilka Funniest Forumite, 2014 17 Jun 2013 11:27:17 16,825 posts
    Seen 6 hours ago
    Registered 9 years ago
    Wait, so who was glaeken logged in as?

    AVOID

  • Deleted user 17 June 2013 11:29:33
    I got logged in as someone else last week. Can't remember his name but it was 5 letters. BIAHB or something.
  • caligari 17 Jun 2013 11:34:12 17,207 posts
    Seen 4 days ago
    Registered 13 years ago
    I bring this up every year or so, but at the moment it's far too easy to change an account's password. You should at least need to know the original password - the change should then have to be confirmed via E-mail...or summink.

    Edited by caligari at 11:34:29 17-06-2013
  • graysonavich 17 Jun 2013 11:38:51 7,385 posts
    Seen 7 hours ago
    Registered 5 years ago
    HairyArse wrote:
    I got logged in as someone else last week. Can't remember his name but it was 5 letters. BIAHB or something.
    REVAN?
  • Page

    of 3 First / Last

Log in or register to reply