New Security Measures

Blog Discussion in 'BeerAdvocate Talk' started by Todd, Jul 17, 2020.

Thread Status:
Not open for further replies.
  1. jvgoor3786

    jvgoor3786 Grand Pooh-Bah (4,222) May 28, 2015 Arkansas
    Society Pooh-Bah Trader

    For sure on a breach. I'm thinking of going forward. No reason to regularly make people choose new passwords.
     
    #41 jvgoor3786, Jul 18, 2020
    Last edited: Jul 18, 2020
    officerbill likes this.
  2. Todd

    Todd Founder (13,518) Aug 23, 1996 Finland
    STAFF Mod Team Society Pooh-Bah

    Drop me a DM. I can help.
    You can't change your email address without providing your password on that page.
     
    bbtkd likes this.
  3. socon67

    socon67 Grand Pooh-Bah (3,895) Jun 18, 2010 New York
    Pooh-Bah

    I was in this same exact issue. You need to use your password and change that email in your profile before you reset your password! Otherwise you will be locked out.
     
    Shanex and bbtkd like this.
  4. meefmoff

    meefmoff Pooh-Bah (1,922) Jul 6, 2014 Massachusetts
    Pooh-Bah Trader

    Thanks for keeping us posted Todd.

    Just want to relay a quick story for anyone who might think they're not at much risk since the breach was such a long time ago.

    I recently had my Netflix account hijacked and after doing some digging, I figured out what had likely happened. More than a decade ago there was a breach at a fairly low-rent internet gaming website that I was using at the time. I knew about the breach and stopped using that password, but over time I got sloppy and started using it again on "unimportant" websites like Netflix and such.

    Fast forward to 6 months ago and a large dataset of old stolen passwords, including those stolen from that internet gaming site, had apparently begun circulating again, which led to a whole new round of hacks for anyone like me stupid enough to still be using those old passwords. I can't say 100% that that's what happened but the timing makes it seem very, very likely. Thankfully I was at least smart enough not to ever use that password again for things like banks or credit cards.

    So it's totally possible that the dataset that the BA breach was a part of (Couponmom 2014 according to Todd's email) could also come back into circulation in the same way. So if you use your BA password at any other sites I would definitely recommend changing them all even though the breach was a long time ago.

    ETA: and for the record Netflix did a great job and made fixing the problem very easy over internet chat with a representative.
     
    #44 meefmoff, Jul 18, 2020
    Last edited: Jul 18, 2020
    Roguer and Todd like this.
  5. Dragginballs76

    Dragginballs76 Initiate (0) Nov 13, 2015 South Carolina
    Trader

    I woke up this morning and tried to get into BA only to find that I had to reset my password. I am not sure why, something happened with my subscription I think, but about a year ago I had to set a new email. My dumbass made one up and now could not remember what the email was that the password reset went to. Thanks to whoever on BA support on Twitter I was back online in 10 minutes. Thanks to whoever that was!!!
     
  6. Todd

    Todd Founder (13,518) Aug 23, 1996 Finland
    STAFF Mod Team Society Pooh-Bah

    You’re welcome. :beers:
     
  7. bpinard

    bpinard Initiate (0) Mar 18, 2015 New York

    Password changed :slight_smile:
     
    Todd likes this.
  8. Palantir3

    Palantir3 Initiate (0) Mar 20, 2011 Michigan

    I recommend LastPass to track and manage login credentials.
     
  9. hopley

    hopley Pooh-Bah (2,912) Feb 24, 2010 Massachusetts
    Society Pooh-Bah Trader

    This is my first question as well. I’m sure it is being properly dealt with now, but this is exactly what it sounds like to me - based on this breach, someone has had access to our passwords for 8 years - I’m personally glad my BA password just happened to be different to my other passwords, many of which have certain similarities. As part of this process, it would be nice to know a little more about other data that might have been compromised, if it appears that there have been any negative consequences as a result, etc.
     
  10. Vikings1201

    Vikings1201 Zealot (737) Sep 8, 2012 North Carolina
    Trader

    I can't recommend 1Password enough, $4.99 a month for a family plan and worth every penny.
     
    Todd likes this.
  11. MNAle

    MNAle Initiate (0) Sep 6, 2011 Minnesota

    Every password I have for any account that matters (i.e. where I would give a damn if the password was exposed or the account hacked) is unique. These accounts also have additional security features engaged (e.g. 2 factor). For these I also do not allow the browser to save either the user name or the password.

    I don't use an app to keep track of my passwords. That means I would have to trust the app!

    I use my own encrypted file.

    My BA password was, before yesterday, one of my commonly used passwords for accounts I don't care whether they are hacked. I still think BA falls into that category for me, but now there are password strength requirements here (although, oddly, they were not enforced on the "forgot my password" link, but are enforced on the "change my password" setting from within the account), so it is no longer one of my common (reused) passwords.
     
  12. Vikings1201

    Vikings1201 Zealot (737) Sep 8, 2012 North Carolina
    Trader

    1Password is end to end encrypted so even if they were hacked, the hacker wouldn’t have the key to decrypt your data.

    https://support.1password.com/1password-security/
     
    Todd likes this.
  13. MNAle

    MNAle Initiate (0) Sep 6, 2011 Minnesota

    So they say. :wink:

    My technique is encrypted, plus, it's free, not $5 a month. :grin:
     
    Scrapss, Roguer and Bitterbill like this.
  14. MikefromDormont

    MikefromDormont Zealot (682) Dec 11, 2004 Pennsylvania
    BA4LYFE Society

    My email address was unchanged from when I first set up my Beer Advocate account and apparently was still valid so Beer Advocate sent their password reset email to my existing email address.
     
    Bitterbill likes this.
  15. MrOH

    MrOH Grand Pooh-Bah (3,995) Jul 5, 2010 Virginia
    BA4LYFE Society Pooh-Bah

    Didn't read through all the replies, so if this has been brought up already, I apologize.

    "My Beers" has disappeared from my profile page. I like to have quick access to it for when I purchase beer that I'd like to try but don't think would be a repeat drinker.

    When y'all gonna actually get the app in order.

    Thanks.
     
  16. Todd

    Todd Founder (13,518) Aug 23, 1996 Finland
    STAFF Mod Team Society Pooh-Bah

    This wasn't impacted by any of this, nor has this changed. I can see your stats just fine on your profile page. And, as always, you can also access Your Beers from your member card on desktop (upper sidebar), by clicking your avatar on mobile, or under Beers > Your Beers in the nav.
    We currently have no timeline for developing and releasing an app, but it's something that I hope to revisit this year.
     
  17. MrOH

    MrOH Grand Pooh-Bah (3,995) Jul 5, 2010 Virginia
    BA4LYFE Society Pooh-Bah

    Just rechecked, and I can find it. Still, getting an App in order should be on the "To Do" list. When I was in Japan a year ago, my brother-in-law told me that the serious beer folks over there used Untappd while I was using Notes to jot down beer reviews for the new stuff I encountered there. Most of which I haven't (and never will) transcribed into an actual review, because it's more work than I'm willing to put in.

    You could say that I'm too lazy to do the work, but on the flipside, y'all know what we're up to, so make it easy for us. You know how folks are, set them up to succeed.

    You have very recently teased an app, so I am looking forward to it, as I'm sure most users of this website are.
     
    Todd likes this.
  18. PapaGoose03

    PapaGoose03 Grand High Pooh-Bah (6,057) May 30, 2005 Michigan
    BA4LYFE Society Pooh-Bah

    It sounds like you don't use BA on your phone at all. I think the site works well on my phone, although I don't type much because I don't like using a small keyboard. I get along well in the forums as long as I don't write a dissertation. Try it if you aren't already doing so.
     
    Bitterbill and BBThunderbolt like this.
  19. MrOH

    MrOH Grand Pooh-Bah (3,995) Jul 5, 2010 Virginia
    BA4LYFE Society Pooh-Bah

    You are correct, I don't use it on my phone, because the few times I would like to use it on my phone would be for reviews. I'm guessing that this is a big reason for the partnership with Untappd.

    I'm a decade deep on this. Think about how many new users would stick around if it were easier for them to use the preferred technology of their generation.
     
    Scrapss and PapaGoose03 like this.
  20. Giantspace

    Giantspace Grand Pooh-Bah (3,043) Dec 22, 2011 Pennsylvania
    Pooh-Bah

    Maybe I'm just slow but I changed my password while on my laptop and all is great. I can't seem to log in on my phone though. Is there something else I need to do?

    Enjoy
     