GoFuckYourself.com - Adult Webmaster Forum - View Single Post - Someone steals our customer passwords regularly

adonis · 10-10-2007, 11:22 PM

I noticed someone is accessing our site using our customers' passwords. He's using the same IP address (at least I know one of his IP addresses). He's using only selected passwords of the last day (He generally doesn't use older passwords). He sometimes shares a password with a few others.

I think he's not using brute force attack, because we log failed logins, nothing weird there...

He can access customers' mails (at least one of them), because I changed a password and emailed the customer, 5 minutes later he tried the new password.

If some password is used by a few different IP numbers in a day, it is suspended temporarily with a warning message. He sees the message and continously tries to enter for hours. He has other passwords but he insists on the latest one he has.

This is very weird. Does someone have any logical idea?

10-10-2007, 11:22 PM
adonis Confirmed User Join Date: Oct 2002 Posts: 231	Someone steals our customer passwords regularly I noticed someone is accessing our site using our customers' passwords. He's using the same IP address (at least I know one of his IP addresses). He's using only selected passwords of the last day (He generally doesn't use older passwords). He sometimes shares a password with a few others. I think he's not using brute force attack, because we log failed logins, nothing weird there... He can access customers' mails (at least one of them), because I changed a password and emailed the customer, 5 minutes later he tried the new password. If some password is used by a few different IP numbers in a day, it is suspended temporarily with a warning message. He sees the message and continously tries to enter for hours. He has other passwords but he insists on the latest one he has. This is very weird. Does someone have any logical idea?