Anyone else gotten the "change your password" advisory in admin section of blog?
I just did, and here is the text that was attached to that advisory:
“We recently found and fixed a mistake that we’d like to tell you about. Passwords on WordPress.com are saved in a way that makes them extremely secure, such that even our own employees are unable to see your actual password – the one you enter to login to your WordPress.com account. However, between July 2007 and April 2008, and September 2010 and July 2011, a mistake in one of our systems used to find and correct bugs on WordPress.com accidentally logged some users’ passwords in a less secure format during registration.
We’ve updated our systems to automatically prevent passwords from being logged this way in the future, so this will not happen again. We don’t have any evidence that this data has been accessed maliciously or misused, but to be on the safe side we are resetting your password since your account is among those affected.
Please change your password here.
If the password you used when you registered on WordPress.com was one you use elsewhere, you should change it there, too. In the future, remember that it’s good practice to always use unique passwords for different services.
We are terribly sorry about this mistake. No one likes having to create new passwords and we’d like to include a 15% off coupon to say we’re sorry. The coupon can be used for a custom domain, a design upgrade, VideoPress, or a storage space increase. Just use the code below on any of the upgrades on the WordPress.com Store: XXXXXXXXXX.
If you have any questions at all, please let our Happiness team know at (email redacted)”
I have searched the forum for any recent discussions on this without success.
I am e-mailing WordPress admin just to be sure. Meanwhile, any input, advice or comment on this could be helpful.
You did not specify a blog address or reason for posting when you created this topic.
This support forum is for blogs hosted at WordPress.com. If your question is about a self-hosted WordPress blog then you’ll find help at the WordPress.org forums.
If you don’t understand the difference between WordPress.com and WordPress.org, you may find this information helpful.
If you forgot to include a link to your blog, you can reply and include it below. It’ll help people to answer your question.
This is an automated message.
I got an email in addition to the warning on one of my sites and just followed the directions and changed the password.
Just wanted to make sure I wasn’t the only one dealing with what is clearly a site-wide issue.
It didn’t affect all sites apparently since only one of my blogs/usernames was affected. I have two other usernames/accounts and both of them are fine.
Huhmm …….. Was the affected site relatively more popular (in terms of traffic) than the other two?
No, it would not be connected to popularity.
I got one of these only a few hours ago. I changed my password.
Now, having logged in once again, I’m being told the same thing a second time.
Dear WP, how many times will I be required to change my password … per day?
Well, posting in the forum isn’t the same as getting your feedback to staff: do that via your dashboard Help button. None of the volunteers here are responsible for the warning.
You’ll only need to change your password once. This new password change process is . . . well, it’s new. We’re still ironing out the bugs, but we wanted to get this out there ASAP considering the situation.
Okay. Thanks, macmanx.
And sorry for my vitriol. Recent experiences with Twitter, Tumblr and Google+ over the past few weeks have left me more than a little testy. :-p
I hear ya on that!
Thanks macmanx, I tend not to implicitly trust emails of that nature ;)
Ich habe heute auch so eine Aufforderung das Passwort zu ändern bekommen.Habe es dann geändert.Und jetzt einige Stunden später noch einmal,warum,ich bin jetzt sehr verunsichert und auch was das mit dem
Sicherheitsupdate und 15% Rabatt Coupon von WordPress.com,verstehe ich auch nicht,was soll das bedeuten.
Hat mir vielleicht jemand eine Antwort,ob diese Meldung wirklich von WordPress.com ist oder …
Are you sure this is not a SPAM?? Is it safe to click on the link??
Das ist ja meine Frage .!!! Darum bin ich ja hier im Forum um zu fragen ob jemand weiß ,ob diese Meldung echt ist
picola9011 says her message to change her password includes a 15% discount for wordpress.com
She is wondering if it is ok to click on that message.
I will flag the modulators attention.
airodyssey, has the better plan.
I made my comment because picola9011 has a question about the same topic.
yes, I did get these annoying message, and I changed my passwrod twice, I am still getting this message. everytime after I changed my password, I’d get another message, offering a coupon to buy wordpress products
I have decided no to play such games. if my account is hacked, then, I’ll move to blogger.
The topic ‘Anyone else gotten the "change your password" advisory in admin section of blog?’ is closed to new replies.