Need help? Check out our Support site, then


WordPress.com Forums » Support

Anyone else gotten the "change your password" advisory in admin section of blog?

  1. darthmooga
    Member

    I just did, and here is the text that was attached to that advisory:

    "We recently found and fixed a mistake that we’d like to tell you about. Passwords on WordPress.com are saved in a way that makes them extremely secure, such that even our own employees are unable to see your actual password – the one you enter to login to your WordPress.com account. However, between July 2007 and April 2008, and September 2010 and July 2011, a mistake in one of our systems used to find and correct bugs on WordPress.com accidentally logged some users’ passwords in a less secure format during registration.
    We’ve updated our systems to automatically prevent passwords from being logged this way in the future, so this will not happen again. We don’t have any evidence that this data has been accessed maliciously or misused, but to be on the safe side we are resetting your password since your account is among those affected.
    Please change your password here.
    If the password you used when you registered on WordPress.com was one you use elsewhere, you should change it there, too. In the future, remember that it’s good practice to always use unique passwords for different services.
    We are terribly sorry about this mistake. No one likes having to create new passwords and we’d like to include a 15% off coupon to say we’re sorry. The coupon can be used for a custom domain, a design upgrade, VideoPress, or a storage space increase. Just use the code below on any of the upgrades on the WordPress.com Store: XXXXXXXXXX.

    If you have any questions at all, please let our Happiness team know at [email redacted]"

    I have searched the forum for any recent discussions on this without success.

    I am e-mailing WordPress admin just to be sure. Meanwhile, any input, advice or comment on this could be helpful.

    The Moog

  2. supportbot
    Support Bot

    You did not specify a blog address or reason for posting when you created this topic.

    This support forum is for blogs hosted at WordPress.com. If your question is about a self-hosted WordPress blog then you'll find help at the WordPress.org forums.

    If you don't understand the difference between WordPress.com and WordPress.org, you may find this information helpful.

    If you forgot to include a link to your blog, you can reply and include it below. It'll help people to answer your question.

    This is an automated message.

  3. thesacredpath
    Staff

    I got an email in addition to the warning on one of my sites and just followed the directions and changed the password.

  4. darthmooga
    Member

    @ thesacredpath

    Thanks.

    Just wanted to make sure I wasn't the only one dealing with what is clearly a site-wide issue.

  5. thesacredpath
    Staff

    It didn't affect all sites apparently since only one of my blogs/usernames was affected. I have two other usernames/accounts and both of them are fine.

  6. cyberaxis
    Member

    Huhmm ........ Was the affected site relatively more popular (in terms of traffic) than the other two?

  7. thesacredpath
    Staff

    No, it would not be connected to popularity.

  8. dkmnow
    Member

    I got one of these only a few hours ago. I changed my password.

    Now, having logged in once again, I'm being told the same thing a second time.

    Dear WP, how many times will I be required to change my password ... per day?

    FAIL.

  9. raincoaster
    Member

    Well, posting in the forum isn't the same as getting your feedback to staff: do that via your dashboard Help button. None of the volunteers here are responsible for the warning.

  10. macmanx
    Happiness Engineer

    You'll only need to change your password once. This new password change process is . . . well, it's new. We're still ironing out the bugs, but we wanted to get this out there ASAP considering the situation.

  11. dkmnow
    Member

    Okay. Thanks, macmanx.

    And sorry for my vitriol. Recent experiences with Twitter, Tumblr and Google+ over the past few weeks have left me more than a little testy. :-p

  12. raincoaster
    Member

    I hear ya on that!

  13. wizzardprang
    Member

    Thanks macmanx, I tend not to implicitly trust emails of that nature ;)

  14. picola9011
    Member

    Ich habe heute auch so eine Aufforderung das Passwort zu ändern bekommen.Habe es dann geändert.Und jetzt einige Stunden später noch einmal,warum,ich bin jetzt sehr verunsichert und auch was das mit dem

    Sicherheitsupdate und 15% Rabatt Coupon von WordPress.com‏,verstehe ich auch nicht,was soll das bedeuten.

    Hat mir vielleicht jemand eine Antwort,ob diese Meldung wirklich von WordPress.com ist oder ...

  15. karinakuschnir
    Member

    Are you sure this is not a SPAM?? Is it safe to click on the link??

  16. picola9011
    Member

    Das ist ja meine Frage .!!! Darum bin ich ja hier im Forum um zu fragen ob jemand weiß ,ob diese Meldung echt ist

  17. airodyssey
    Member

    @picola9011: You are posting on the English forums. For assistance in German, I suggest you ask instead at the link below.

    German (Deutsch) : http://de.forums.wordpress.com

  18. dlager
    Member

    picola9011 says her message to change her password includes a 15% discount for wordpress.com
    She is wondering if it is ok to click on that message.

    I will flag the modulators attention.

  19. dlager
    Member

    airodyssey, has the better plan.

    I made my comment because picola9011 has a question about the same topic.

    http://de.forums.wordpress.com/

  20. dollsaga
    Member

    yes, I did get these annoying message, and I changed my passwrod twice, I am still getting this message. everytime after I changed my password, I'd get another message, offering a coupon to buy wordpress products

    I have decided no to play such games. if my account is hacked, then, I'll move to blogger.

  21. fromundermanyhats0209
    Member

    I got the request yesterday to change my password, too. Along with a 15% discount after changing it. I wrote the code down for later use. Hope it isn't a spam. I have seen one instance where I can't get my Comment Prompt to say what I want it to say since this change. Everything else looks and works ok.

  22. hockeyredstar
    Member

    After change my password all the images from my cite was deleted....Help !!!

  23. auxclass
    Member

    redstarthockey.wordpress.com is no longer available.

    The authors have deleted this blog.

    You should start a new thread for that issue and also put a link to the blog in question.

  24. rudy799
    Member

    Same problem here. I'm located in the Netherlands. I've changed password and some time later the same request to change it appeared on my homepage on wordpress.com... There are two links in the message: one leads to the store and the other to the settings page. If this is a way of advertising it's a very aggressive one. (I can hardly believe they do such!) The only question I have is: is it still save and secure?

    Ruud van der Meulen

  25. masfebe
    Member

    I have received the email and I want to delete my account because my password was compromised. However the site states that accounts cannot be deleted, only the site.
    How can I contact the site admin to demand the deletion of my account?

  26. macmanx
    Happiness Engineer

    Yes, the email is from us, it is safe to click the link to reset your password, and please feel free to use the coupon.

    The notice may appear in your Dashboard more than once, we're working on that, but you'll only need to reset your password once.

    masfebe, at this time we cannot delete accounts, but you're welcome to modify or clear out your profile information.

  27. sw3den
    Member

    I got that, too.

    Maybe we should use 15% discount a month later, to make sure that it is not spam. During now to that time, if it is really spam, WP should tell us something.

Topic Closed

This topic has been closed to new replies.

About this Topic

Tags