Need help? Check out our Support site, then


Anyone else gotten the "change your password" advisory in admin section of blog?

  1. I just did, and here is the text that was attached to that advisory:

    "We recently found and fixed a mistake that we’d like to tell you about. Passwords on WordPress.com are saved in a way that makes them extremely secure, such that even our own employees are unable to see your actual password – the one you enter to login to your WordPress.com account. However, between July 2007 and April 2008, and September 2010 and July 2011, a mistake in one of our systems used to find and correct bugs on WordPress.com accidentally logged some users’ passwords in a less secure format during registration.
    We’ve updated our systems to automatically prevent passwords from being logged this way in the future, so this will not happen again. We don’t have any evidence that this data has been accessed maliciously or misused, but to be on the safe side we are resetting your password since your account is among those affected.
    Please change your password here.
    If the password you used when you registered on WordPress.com was one you use elsewhere, you should change it there, too. In the future, remember that it’s good practice to always use unique passwords for different services.
    We are terribly sorry about this mistake. No one likes having to create new passwords and we’d like to include a 15% off coupon to say we’re sorry. The coupon can be used for a custom domain, a design upgrade, VideoPress, or a storage space increase. Just use the code below on any of the upgrades on the WordPress.com Store: XXXXXXXXXX.

    If you have any questions at all, please let our Happiness team know at [email redacted]"

    I have searched the forum for any recent discussions on this without success.

    I am e-mailing WordPress admin just to be sure. Meanwhile, any input, advice or comment on this could be helpful.

    The Moog

  2. You did not specify a blog address or reason for posting when you created this topic.

    This support forum is for blogs hosted at WordPress.com. If your question is about a self-hosted WordPress blog then you'll find help at the WordPress.org forums.

    If you don't understand the difference between WordPress.com and WordPress.org, you may find this information helpful.

    If you forgot to include a link to your blog, you can reply and include it below. It'll help people to answer your question.

    This is an automated message.

  3. I got an email in addition to the warning on one of my sites and just followed the directions and changed the password.

  4. @ thesacredpath

    Thanks.

    Just wanted to make sure I wasn't the only one dealing with what is clearly a site-wide issue.

  5. It didn't affect all sites apparently since only one of my blogs/usernames was affected. I have two other usernames/accounts and both of them are fine.

  6. Huhmm ........ Was the affected site relatively more popular (in terms of traffic) than the other two?

  7. No, it would not be connected to popularity.

  8. I got one of these only a few hours ago. I changed my password.

    Now, having logged in once again, I'm being told the same thing a second time.

    Dear WP, how many times will I be required to change my password ... per day?

    FAIL.

  9. Well, posting in the forum isn't the same as getting your feedback to staff: do that via your dashboard Help button. None of the volunteers here are responsible for the warning.

  10. You'll only need to change your password once. This new password change process is . . . well, it's new. We're still ironing out the bugs, but we wanted to get this out there ASAP considering the situation.

  11. Okay. Thanks, macmanx.

    And sorry for my vitriol. Recent experiences with Twitter, Tumblr and Google+ over the past few weeks have left me more than a little testy. :-p

  12. I hear ya on that!

  13. Thanks macmanx, I tend not to implicitly trust emails of that nature ;)

  14. Ich habe heute auch so eine Aufforderung das Passwort zu ändern bekommen.Habe es dann geändert.Und jetzt einige Stunden später noch einmal,warum,ich bin jetzt sehr verunsichert und auch was das mit dem

    Sicherheitsupdate und 15% Rabatt Coupon von WordPress.com‏,verstehe ich auch nicht,was soll das bedeuten.

    Hat mir vielleicht jemand eine Antwort,ob diese Meldung wirklich von WordPress.com ist oder ...

  15. karinakuschnir
    Member

    Are you sure this is not a SPAM?? Is it safe to click on the link??

  16. Das ist ja meine Frage .!!! Darum bin ich ja hier im Forum um zu fragen ob jemand weiß ,ob diese Meldung echt ist

  17. @picola9011: You are posting on the English forums. For assistance in German, I suggest you ask instead at the link below.

    German (Deutsch) : http://de.forums.wordpress.com

  18. picola9011 says her message to change her password includes a 15% discount for wordpress.com
    She is wondering if it is ok to click on that message.

    I will flag the modulators attention.

  19. airodyssey, has the better plan.

    I made my comment because picola9011 has a question about the same topic.

    http://de.forums.wordpress.com/

  20. yes, I did get these annoying message, and I changed my passwrod twice, I am still getting this message. everytime after I changed my password, I'd get another message, offering a coupon to buy wordpress products

    I have decided no to play such games. if my account is hacked, then, I'll move to blogger.

  21. fromundermanyhats0209
    Member

    I got the request yesterday to change my password, too. Along with a 15% discount after changing it. I wrote the code down for later use. Hope it isn't a spam. I have seen one instance where I can't get my Comment Prompt to say what I want it to say since this change. Everything else looks and works ok.

  22. After change my password all the images from my cite was deleted....Help !!!

  23. redstarthockey.wordpress.com is no longer available.

    The authors have deleted this blog.

    You should start a new thread for that issue and also put a link to the blog in question.

  24. Same problem here. I'm located in the Netherlands. I've changed password and some time later the same request to change it appeared on my homepage on wordpress.com... There are two links in the message: one leads to the store and the other to the settings page. If this is a way of advertising it's a very aggressive one. (I can hardly believe they do such!) The only question I have is: is it still save and secure?

    Ruud van der Meulen

  25. I have received the email and I want to delete my account because my password was compromised. However the site states that accounts cannot be deleted, only the site.
    How can I contact the site admin to demand the deletion of my account?

  26. Yes, the email is from us, it is safe to click the link to reset your password, and please feel free to use the coupon.

    The notice may appear in your Dashboard more than once, we're working on that, but you'll only need to reset your password once.

    masfebe, at this time we cannot delete accounts, but you're welcome to modify or clear out your profile information.

  27. I got that, too.

    Maybe we should use 15% discount a month later, to make sure that it is not spam. During now to that time, if it is really spam, WP should tell us something.

Topic Closed

This topic has been closed to new replies.

About this Topic