Notice

The forum is in read only mode.

× Keep in mind that suggestions must be within the realm of possibility to be taken seriously.

Posting rules: All registered members can create threads and post to existing ones.

Question Strange email - logged in 12 times?

Start
Prev
1
Next
End

9 years 2 months ago #1 by riking

riking
Topic Author

Posts: 9

Gender: Unknown

Birthdate: Unknown

I got this email earlier today:

---
Dear [name removed]!

You (or someone else) have already logged in into Whateley Admin website 12 times today. There is a risk of unauthorized use.

If more logins are registered, your username will be disabled automatically.

Regards, the team of Whateley Admin
---

at Feb 16, 2016, 8:34 AM from whateleyadmin at this domain.

I'm not quite sure what this means..? I wasn't trying to do anything I'd consider strange, though I was reading stories early this morning around midnight.
I'm pretty curious what that message is counting.. if it's counting login sessions, there might be something going on with my phone's web browser.

9 years 2 months ago #2 by annachie

annachie

Posts: 597

Gender: Unknown

Birthdate: Unknown

What it generally means is that your logging in from multiple ip's. Either you're using a cellular device and triggering it as you start a new internet session, or your home connection is dynamic not static.

For me, it's both.

Phone and dynamic home connection.

9 years 2 months ago #3 by Valentine

Valentine

Posts: 3121

Gender: Unknown

Birthdate: 17 Aug 1966

riking wrote: I got this email earlier today:

---
Dear [name removed]!

You (or someone else) have already logged in into Whateley Admin website 12 times today. There is a risk of unauthorized use.

If more logins are registered, your username will be disabled automatically.

Regards, the team of Whateley Admin
---

at Feb 16, 2016, 8:34 AM from whateleyadmin at this domain.

I'm not quite sure what this means..? I wasn't trying to do anything I'd consider strange, though I was reading stories early this morning around midnight.
I'm pretty curious what that message is counting.. if it's counting login sessions, there might be something going on with my phone's web browser.

In order to prevent, or at least try to prevent, hacking Kristin has the site tracking logins. Unfortunately phones often relogin as they switch hotspots, towers, and wherever else they get an internet linkup. So to you it looks like you logged in once, to the website it looks like you are repeatedly logging in.

Don't Drick and Drive.

9 years 2 months ago #4 by Kristin Darken

Kristin Darken

Posts: 3898

Gender: Unknown

Birthdate: Unknown

Generally, this isn't something to concern yourself with. It's an automated report telling you that "we are watching you" because your login is doing something abnormal and that sort of thing could potentially be the result of attempts to hack the site. Considering what happened to the old site, we're somewhat sensitive to such things. IF you do a LOT of browsing on the site while on the move (say, for instance, that you visit the site while you commute to work via an hour light rail trip), you cross in and out of cell towers coverage quite often and each time you do, you are making a new network connection probably with a new IP address and thus a new login with the site. Even if its happening invisibly to you.

This IS, actually, somewhat risky to you... because those automatic hand offs from network to network can be co-opted and allow for hacking opportunities. And if you do enough of it within a 24 hr time frame, the site may automatically lock you out for a temporary ban while we verify your info... the email to you is to let you know that you're approaching this point (and you get a different mail if you actually get temp banned).

In that event, we recommend that you look at the ways you are using the site while in transit. The 'best' bet is to pull up a story and then switch yourself to offline while you read it. The story is still there, but you are no longer trying to sustain a login along the way.

Fate guard you and grant you a Light to brighten your Way.

9 years 2 months ago #5 by Arcanist Lupus

Arcanist Lupus

Posts: 1820

Gender: Male

Birthdate: Unknown

Also, the "remember me" button on the login makes you far more likely to trigger the warnings.

"Shared pain is lessened; shared joy, increased — thus do we refute entropy." - Spider Robinson

9 years 2 months ago #6 by Jarjaross

Jarjaross

Posts: 455

Gender: Unknown

Birthdate: Unknown

Arcanist Lupus wrote: Also, the "remember me" button on the login makes you far more likely to trigger the warnings.

Agreed, I posted a warning about that a while ago. Thanks go to Kristan for patiently explains why these things happen multiple times.

Maybe it would be efficient to have a small document with many common problems on the server that we could just copy and paste to posts like this… something to think about.

My dreams take me to far off lands and times of distant past and future. They tell what has been done, what will happen and who I am. They show me things beyond the machinations of any man. Tell me, what are dreams to you?

9 years 2 months ago #7 by Kristin Darken

Kristin Darken

Posts: 3898

Gender: Unknown

Birthdate: Unknown

Because, technically, this is part of our security system. A user engaging in dialogue in the forums to find out why something happened tells us that there is a concerned user on the other end of those alerts worried that they may be doing something wrong. An FAQ with the answers to how our security works is... one big step towards that security not existing at all.

Fate guard you and grant you a Light to brighten your Way.

9 years 2 months ago #8 by Warren

Warren

Posts: 272

Gender: Male

Birthdate: 15 Oct 1963

I've actually gotten that email myself when I've been being aggressive in watching for hackers. So it's just the number of logins not changing ip's.

As I've announced I'm being real proactive on spammers and where they are attempting to register or login from. We have modules in place that are comparing emails, login names, ip addresses of everyone that logs in or registers. If you show up on these "black hole" list one time, you will be marked suspicious and we'll watch you closely. (even if it's actually a false positive.) If the person registering is a bot there are probably a few hundred if not thousand reports on the lists we check against. In that case new registrants will be refused. we will be notified and I add the ip address to our own blacklist and they will be faced with visiting Google rather than us.

Don't push the on-button if you don't know where the off-button is. -- Solomon Short

9 years 2 months ago #9 by Astrodragon

Astrodragon

Posts: 1998

Gender: Unknown

Birthdate: Unknown

I've noted it a few times when I've been logged on on my main PC and them logged on a few times as well from my laptop. It seems a bit more sensitive to simultaneous logins but I dont have a big enough sample to be certain

I love watching their innocent little faces smiling happily as they trip gaily down the garden path, before finding the pit with the rusty spikes.

9 years 2 months ago #10 by Sir Lee

Sir Lee

Posts: 3113

Gender: Male

Birthdate: 08 Nov 1966

I got those a couple times. Funny thing is, I only access the site from a single computer -- a desktop station connected to fiber. So I doubt that my IP changed too often to be an issue.

What I think that may happen sometimes is a particular pattern of site visits: several during the day, but spaced far enough that the server timeouts on your visits. So each new visit counts as a new login. Closing the browser between visits may play a role too.

Don't call me "Shirley." You will surely make me surly.

9 years 2 months ago #11 by Jarjaross

Jarjaross

Posts: 455

Gender: Unknown

Birthdate: Unknown

Kristin Darken wrote: Because, technically, this is part of our security system. A user engaging in dialogue in the forums to find out why something happened tells us that there is a concerned user on the other end of those alerts worried that they may be doing something wrong. An FAQ with the answers to how our security works is... one big step towards that security not existing at all.

I apologize and agree. I had not considered the possibility of a standardized response seeming impersonal.

Yes a security FAQ is a terrible idea, I was thinking of writing a small document of point based sumuries of pervious issues possibly with appropraite links to locations wher they have been talked about on the forum. Every time an issue comes up check the document provide standardized reply go on my merry way.

I of course have neither the patience no the time to partake in such an endevor currently but could theoretically try to do later. I'd have to be a more consistent and active participant in the forum though.

9 years 2 months ago #12 by Kristin Darken

Kristin Darken

Posts: 3898

Gender: Unknown

Birthdate: Unknown

It's not really a huge concern. Past experience suggests that most people will simply post a comment or forum post even if an existing thread on the subject is present. Even an FAQ is often bypassed ... unless you put it in between where the person experiences the problem and their means of asking the question. And that's not always feasible.

Fate guard you and grant you a Light to brighten your Way.

Start
Prev
1
Next
End

Moderators: WhateleyAdmin, Kristin Darken, E. E. Nalley, elrodw, Nagrij, MageOhki, Astrodragon, NeoMagus, Warren, Morpheus, Wasamon, sleethr, OtherEric, Bek D Corbin, MaLAguA, Souffle Girl, Phoenix Spiritus, Starwolf, DanZilla, Katie_Lyn, Maggie Finson, DrBender

Notice

Question Strange email - logged in 12 times?

Newest Original Timeline Stories

Newest 2nd Gen Stories

Newest Non-Canon Stories

Newest Independent Fiction