You can always uncheck the box (userCP) to stop getting emails from the admin....or change your email address to some bogus one.

Glad I'm not the only one.

Same here.

Not true. After 5 invalid attempts, the account is locked out for 15 minutes even for the valid passcode.

More wrong info from certain staff members...like in the now closed recent "delete my account" threads here, users were instructed to uncheck receive site admin emails to stop getting these notifications which does not work for account locked due to 5 invalid login attempts. I have had all of those email options unchecked on my account here for years and still get mailings on my account. vB 3.6.12...lovely piece of software to be still running on an official vB company forum in 2014. :rolleyes:

I am getting the messages too. I got 8 last night. several additional emails over the last few days. I've changed my password from super-tough, to super-duper-tough..

any fix for this besides a workaround to not get admin emails? that seems like a bad idea.

I'm absolutely not wrong. The "lock" is only on the IP address causing the problem. If I try to log in to your account from my computer it only blocks me from logging in, not you. I've tested it myself.

It works exactly as BirdOPrey5 mentioned: the lock is per IP, not per username.

I figured that was what was going on again. I was hit this time. Didn't make it in though. :)

I got the email warnings as well. They failed to get into my account though.

vB.org is the only site that's informed you that it's happened. There's a difference. And it's the biggest, brightest point we're trying to make. The "thing being done about it" has already been done. It's just, this time, you were informed. Not all websites will tell you unless the attempt was successful. And even then...


Come on guys, read the last few posts.

If the guy below me posts without reading the last few posts again, I'm going to drop a spork on his head.

I have learned that, while reading is the most fundamental skill we all are supposed to have, it is the one most often never used....

2 for me today and one from the other day. Someone should block the IP's

The person trying to log into your account had the following IP address: 223.84.180.232
China
The person trying to log into your account had the following IP address: 178.22.51.220
Russian Federation
The person trying to log into your account had the following IP address: 183.223.163.214
China

I blocked them from my site

What is happening?

Someone is trying to login to your account, since they failed the system notified you.
https://vborg.vbsupport.ru/showpost....7&postcount=93

• You are not blocked for 15 minutes UNLESS your IP is the same as that listed in the emails so no fret.
• We are not making changes to the site, it is functioning as-intended and you're being notified properly which is what it was designed to do, it was not designed however to cause mass panic and should not be misconstrued as such either.
• You can change your email address on file and make changes to your account to stop these emails.
• This happens on many sites daily not just vBulletin.org, it is a common spam/hacking technique, of course they want to know your username and password please Google the term "Social Engineering" to learn more.

People are trying to brute force accounts, If you took 10 seconds to read the topic, or other topics, you'd know this.

This is a pretty interesting list of the 10,000 most common passwords...

Suffice to say if your password is on this list you should change it... If it's in the top 100 you really need to change it.

https://xato.net/passwords/more-top-.../#.U0mvURBZ3of

I especially like how michael and jennifer were in the top 20. I wonder if the're dating.

Cool site for checking the strength of your password... This is what I got for mine:

https://howsecureismypassword.net/

When I see a strange IP address included in an email from vb.org, I run the IP address through http://network-tools.com/ to find out what country the attempt came from.

I got several emails this week regarding the attempted logins and most of the IP addresses came from either Asia, China, or India. Just letting you know.

I finally got "The Email". Da Da Daaaaaaaaa
Curious though, (Cue creepy organ music) what are they really after? There's no credit card info here. Even if there was and they got my numbers, it's only got 5 bucks on it. Don't spend it all in one place...

My guess is one of the following-

1) Spam
2) Licensed account to download all modification for pirate use / trade with other pirates
3) Looking for members who may use the same password here as on their own websites or vb.com- but it would still take effort to figure out their forums or accounts unless they posted links or had links in the signature or in the homepage link in user cp.

Interesting. Thanks.

It's not even relevant really anymore, where a given IP might resolve to - since they're so easy to spoof now.

And I would bet the bolded is the biggest one.

It's why when I see accounts posting that were long dormant until the posts, I get suspicious.

im one of those max
i have not logged in here for a few years now, and got flooded with emails recently saying locked out bad pass attempt..
i just changed my pass and checked my username for new posts, a few mins ago and there were none, so all is good

:-)

I don't get suspicious when I see dormant accounts reply to threads such as this, or create threads such as this. It's expected, happens every time there is a brute force attack.

It's some time after, when you'll see a few long dormant accounts here and there, posting weird stuff and making strange requests.

You and several others though ARE proof that email prompting does work for getting the activity up! :D

The world is ending, apparently :erm:


(it could at least wait until my holiday is over)

Or until the rain quits so I could fly my quads and hex one more time.

Its happening to me as well.
I've had 100 emails since morning. IP location shows all from China

The person trying to log into your account had the following IP address: 117.174.231.191
The person trying to log into your account had the following IP address: 183.220.197.192

I think that it is a bot or something and its gonna find my password soon :eek: :down:

Ummm, not sure what are you referring to here ?

I wish there was a way to collect just the IP addresses everyone has been posting up with out going through the hole post. This way I can drop them in my ban list.
Even though I have some 267,495 IP banned already mostly from China, venezuela, and the Russian federation just from using the stop forum spam list. If I get a spammer or a hacker report from a member I ban the address range by the C string. 111.222.333.*** Then I use the stop forum spam db to see all the nearby addresses and drop them in just for fun. I haven't had any spammers or hackers get through in months since I started doing that.

That would be an incredible waste of time... These are likely mostly dynamic IPs, in a few days they won't even belong to the people they belong to now.

Also- your vBulletin banned IP list isn't designed to handle hundreds (or thousands) on entries. Each IP is loaded on every page load- keep your banned IP list short. Ban IPs from your server if you have to.

Im also getting an incredible amount of emails about someone trying to get into my account.

When you 'forget your password?' vb.org sends you a new password that consists only of numbers.

Just ignore them. The system is behaving exactly as it should, by denying access.

The person trying to log into your account had the following IP address: 221.141.1.222
The person trying to log into your account had the following IP address: 61.158.173.188

Make sure your passwords are up to standards.

If it was me I'd ban all china IP's from the server but that's just me.

So if vB.org was to block all China ip's how would legitimate users from China come here for support and get mods?