Quote:
|
Originally Posted by minusonebit
You know what?
I always have thought that ePassporte's whole "scrambled passwords in the DB" story is bullshit. Now I know.
I signed into my account a second ago using the password they e-mailed me and went to change my password back so I can use "my" password to get into my account.
When I went to change it, I get this message:
Now, if they lost my password in this DB mess, how would the system know that I used that password before? Its lost, remember? So once again, ePassporte has blown smoke up my ass. Someone ain't tellin the truth.
What really happened, ePassporte? I cant wait to hear the explanation here. |
Last week, ePassporte's LDAP server crashed and our backup was corrupted. The result: a number of account passwords were automatically reset. I know this issue was inconvenient for our account holders and we are extremely sorry for this. Most of you are able to login now and use your accounts again but if anyone is still having troubles, please feel free to contact me or Keyser and we will ensure your issue is handled immediately.
Were these accounts hacked??? NO! In fact, the database issue made it even harder for anyone to access any ePassporte account.
Some accounts were not effected by the crash however we were unable to differentiate between these accounts. Minusondebit, your account was one that was NOT effected but as I said we were unable to differentiate so we simply reset the password on accounts we thought would have an issue. We store the last three passwords with a one way encryption scheme. That means we can encrypt them, but we cannot decrypt them. We take the password that you enter and we encrypt it and compare it to the old encrypted password. If it matches, we don't let you use it again for security purposes.
I hope this answers your questions and everyone can put away their popcorn and milk duds.