★ TouchArcade needs your help. Click here to support us on Patreon.

Question about how much power the admins actually have?

05-31-2009, 10:05 AM
#1
Joined: Nov 2008
Location: Wouldn't you like to know ;)
Posts: 2,632
Send a message via ICQ to brewstermax Send a message via AIM to brewstermax Send a message via MSN to brewstermax Send a message via Yahoo to brewstermax
Question about how much power the admins actually have?

I've been thinking about this lately. I'm interested to see how much power arn (or blake for that matter) actually has. Like, can they see what our password is? Or can they just access and modify our account as pleases them (well, I KNOW they can do this, but the main thing is, can they actually see our password and such?) I guess this is more of a vBulletin question than an arn question, but anyway, feel free to post any more questions. I want to see if arn has that kind of power. If he does, I recommend changing your password and that could be a security risk if he can.
05-31-2009, 10:09 AM
#2
Joined: Mar 2009
Location: Seattle, WA USA
Posts: 4,761
Quote:
Originally Posted by brewstermax View Post
If he does, I recommend changing your password and that could be a security risk if he can.
If an admin can see your password now.. what would changing your password do?

05-31-2009, 10:28 AM
#3
Joined: Oct 2008
Location: The Netherlands
Posts: 1,351
No. And this is publicly available information, anyone who wants to know this could look it up in the vBulletin documentation.

http://www.vbulletin.com/docs/html/main/users_add
This is a page about the admin's right to create a new user or edit an existing one.

While he/she can edit your e-mail address, signature, postcount and the IP address you registered with, you can ready that:

Quote:
If you are editing a user, you will not be able to see this user’s password. Leave this field blank to keep the password as is.

Stefan
05-31-2009, 10:54 AM
#4
Joined: Nov 2008
Location: Wouldn't you like to know ;)
Posts: 2,632
Send a message via ICQ to brewstermax Send a message via AIM to brewstermax Send a message via MSN to brewstermax Send a message via Yahoo to brewstermax
Quote:
Originally Posted by DaveMc99 View Post
If an admin can see your password now.. what would changing your password do?
FML. I knew this should be one to PM arn, but I thought I could get some mature discussion going. Why harp on one statement? I never said it would or would not help.

Quote:
Originally Posted by spmwinkel View Post
No. And this is publicly available information, anyone who wants to know this could look it up in the vBulletin documentation.

http://www.vbulletin.com/docs/html/main/users_add
This is a page about the admin's right to create a new user or edit an existing one.

While he/she can edit your e-mail address, signature, postcount and the IP address you registered with, you can ready that:
Thank you.
05-31-2009, 11:30 AM
#5
Joined: Feb 1983
Location: Barcelona
Posts: 1,268,691
Arn and Blake have root on the TA servers. They have access to everything in the forum database including the MD5 hash that stores your password. Technically speaking they could break your MD5 password hash using rainbow tables or other tricks but I really can't think of any reason why they would bother.

It's a good security practice to use a different password for every web site that you have a log in for. That way, if one is compromised, everything else is still secure.
05-31-2009, 11:57 AM
#6
Joined: Oct 2008
Location: The Netherlands
Posts: 1,351
But how would you remember all of them? Put them on a post-it and stick it to your forehead?

I know I should use more passwords. I use a few (e-mail, forums, etc. have different ones) but still, remembering more than 5 passwords gets hard especially if they're random character combinations.

Stefan
05-31-2009, 12:00 PM
#7
Joined: Mar 2009
Location: Seattle, WA USA
Posts: 4,761
Quote:
Originally Posted by spmwinkel View Post
But how would you remember all of them? Put them on a post-it and stick it to your forehead?
Use initials for the site and add it to your password. password+ta or ta+password
05-31-2009, 12:01 PM
#8
Joined: Feb 1983
Location: Barcelona
Posts: 1,268,691
Use a password manager like 1Password, use a very strong password for your main password file. Problem solved!
05-31-2009, 12:12 PM
#9
Joined: Dec 2008
Posts: 4,176
Well, with great power comes great responsibility...

Arn and Blake are responsible they won't hand out your password or change it I would think There's always a chance that something could happen though....lol...But honestly this is sorta dumb question on the password thing. I see what some people like spmwrinkle about ta+password etc... and Hodapp on 1Password I agree that's a good thing to do just that I;m assuming arn and blake are responsible with passwords and personal info (e-mail etc...,DOB (optional) etc....).
05-31-2009, 12:25 PM
#10
Joined: Dec 2008
Posts: 686
http://keepass.info/

You should use a password manager. Keepass is free.

And then you can use proper passwords like 3djraiYzlP1wIttxNGO