Hot news today on the internet today: due to a security flaw at CloudFlare (a website caching/content delivery platform), many, MANY website passwords may have been compromised. As BlenderNation uses CloudFlare to handle our traffic, we're on the list of potentially impacted websites.
This means your password here, even though we use SSL encryption, may have leaked and you should reset it immediately. What's worse: the complete list of sites (link below) is HUGE and you may have to spend a significant part of your weekend updating your passwords. Thanks, CloudFlare!
Enable 2 Factor Authentication
To add a layer of security, I have added 2 Factor Authentication (2FA) to BlenderNation. When logging in, 2FA will require entering a time-dependant security code that is generated with a specific 2FA app.
You can use this optional extra check by installing Google Authenticator (or any other TOTP-based authenticator app), logging in on BlenderNation, returning here and then enabling 2FA here. Follow the instructions and make sure the one-time code in your app matches the one on the screen before you log off - if it doesn't, you won't be able to log in on BlenderNation anymore!
Sorry, I didn't have time to polish the login system - I'll do that later this weekend.
For more information, please read this detailed article on Forbes. You can download the full list of affected websites from GitHub.
4 Comments
Thank you for the alert ! I changed my password .
I need a second brain, so that I can remember my passwords. Because even my password managers have passwords. lol
it was about time to change all my passwords anyway.
How I can login if I use TOTP and I lose my phone?