Gackt'sMother
Lv. 1 Adventurer
Hey everybody - for some reason I don't understand, I got signed out of TLS, and now I can't sign in as myself. I seem to have been assigned the username Gacktsmother. Can anyone help me regain my account?
Help - I'm Licorice
- Thread starter Gackt'sMother
- Start date
LicoriceAllsorts
Donator
Never mind, I figured it out.
LicoriceAllsorts
Donator
And it was all mine.
Clement Rage
Pro Adventurer
Licorice has been hacked by Gackt! We must unite to defend TLS!
Edit: If we start quoting LOVELESS, we can determine which one is real.
Edit: If we start quoting LOVELESS, we can determine which one is real.
Last edited:
LicoriceAllsorts
Donator
Not entirely inappropriate for me tho.
LicoriceAllsorts
Donator
It all happened so fast, I'm not sure. Somehow all my cookies were deleted - I was away from my laptop when it happened, but nobody else could have touched it - and I had to re-log in to every site I belong to. Normally, when I have to re-login here, the system remembers me as soon as I type 'L'. This time, it denied me and did not recognise my username or password. I hit refresh and suddenly I was being offered the usernme of "gacktsmother", but still could not log in using my password. I asked for a password re-set and it sent one to my gmail:
So then I was logged in as Gackt'sMother. I was trying to figure out what had gone wrong, so I logged out and then was able to log in again as myself. That's all I can tell you.
So then I was logged in as Gackt'sMother. I was trying to figure out what had gone wrong, so I logged out and then was able to log in again as myself. That's all I can tell you.
Clement Rage
Pro Adventurer
Seems like either a prank from a mod, or someone found your laptop. ' Gacktsmother' is too uniquely not you as a username.
LicoriceAllsorts
Donator
I left my laptop for three minutes and it was in my locked, empty classroom. There had been an issue with a program the school uses which I think caused all my cookies to delete.
Cthulhu
Administrator
- AKA
- Yop
That's all just very weird and fucky. I can't think of anything that would cause this besides a forum software bug and security issue. The weirdness is that you get an email and are able to reset another user's password despite you not owning that email. Can't be something that has to do with sessions getting confused because unless that user suddenly came back, it didn't log in since 2009 (I checked on the old forums). You don't have access to a ssudia2008 email account right? If not then I'll report this as a security issue.
So this is a pretty serious security issue which xenforo needs to fix; it allows for random user takeovers. Probably not controllable but still.
I've googled around a bit; there's reports like https://xenforo.com/community/threads/users-logged-in-to-other-accounts.127749/, https://xenforo.com/community/threads/possible-security-issue.112813/, https://xenforo.com/community/threads/major-users-logging-in-as-other-users.108043/ and https://xenforo.com/community/threads/members-being-logged-in-as-different-members-on-1-4-4.113491/, which all seem to point at caching being an issue - mind you that caching shouldn't allow users to take over other people's accounts. The reports all seem to indicate it only looks like they're logged in as someone else, and they can see things they're not supposed to - which is inline with caching issues I guess.
Let's see if this happens again.
So this is a pretty serious security issue which xenforo needs to fix; it allows for random user takeovers. Probably not controllable but still.
I've googled around a bit; there's reports like https://xenforo.com/community/threads/users-logged-in-to-other-accounts.127749/, https://xenforo.com/community/threads/possible-security-issue.112813/, https://xenforo.com/community/threads/major-users-logging-in-as-other-users.108043/ and https://xenforo.com/community/threads/members-being-logged-in-as-different-members-on-1-4-4.113491/, which all seem to point at caching being an issue - mind you that caching shouldn't allow users to take over other people's accounts. The reports all seem to indicate it only looks like they're logged in as someone else, and they can see things they're not supposed to - which is inline with caching issues I guess.
Let's see if this happens again.
LicoriceAllsorts
Donator
That IS my email, Yop. But I don't know why it's linked to Gackt'sMother; I've never had any other username but Licorceallsorts and that's the email that's linked to Licoriceallsorts. I joined TLS in 2009, but I don't remember making an account called Gackt'sMother. I can't think of any reason why I would do that. Nevertheless, the fact I don't remember doesn't exclude the possibility that I did it.
Now I'm starting to remember myself making a Gackt'sMother account, but this is a false memory created by my brain's desire to find an explanation. (We're currently studying this stuff in my Law class).
Now I'm starting to remember myself making a Gackt'sMother account, but this is a false memory created by my brain's desire to find an explanation. (We're currently studying this stuff in my Law class).
Cthulhu
Administrator
- AKA
- Yop
No that's not possible, but there's two email accounts - ssudia2008 for Gackt's mum, and uuhhh, patti something for Lic. Is that also yours lic? (I'll edit that out if it's too much information about the email address already).
Also Gackt was a big thing, influenced FF character designs and vice-versa and shit,
Also Gackt was a big thing, influenced FF character designs and vice-versa and shit,
LicoriceAllsorts
Donator
It is a bit too much information about the email addresses. I'll message you.