Welcome Guest
Log In | Register )
You last visited November 27, 2021, 8:36 am
All times shown are
Eastern Time (GMT-5:00)

Major Lottery Post security upgrade

Topic closed. 35 replies. Last post 8 years ago by Romancandle.

Page 2 of 3
PrintE-mailLink
weshar75's avatar - Lottery-042.jpg
Mcminnville, Oregon
United States
Member #3013
December 13, 2003
5508 Posts
Offline

Thank you Todd!-weshar75

US Flag

    HIMSELF's avatar - darksword

    United States
    Member #368
    May 25, 2002
    87 Posts
    Offline

    hey i got in  ......worked  this time   ......now if i can only remember what i did

      dallascowboyfan's avatar - chi
      Oklahoma
      United States
      Member #82389
      November 12, 2009
      6371 Posts
      Offline

      Thanks ToddThumbs Up

      I Love Pink & Green 1908

        Avatar

        United States
        Member #122462
        February 1, 2012
        530 Posts
        Offline

        Thanks Todd for your dedication to making this site extra secure. Your efforts are greatly appreciated. I'm so glad you created this site.

          calabs's avatar - bass fret.jpg
          25

          United States
          Member #27049
          November 26, 2005
          40273 Posts
          Offline

          OK, so today Lottery Post had a big security upgrade. It is something I have literally been working on for months, and today I finally made the cutover to the new security system.

          This upgrade was extremely important, in the following respects:

          1. It enforces stricter passwords that are case-sensitive, and for the security-conscious can now be up to 200 characters in length. These types of passwords are great if you use a password manager (for example, LastPass) that generates random passwords for the websites where you maintain accounts. (For the record, everyone should be using a password manager like LastPass.)
          2. I have gotten rid of the ability to send yourself a password reminder, and instead I have changed the "forgotten password" feature to a change password feature. That means that it is now impossible for anyone to get a hold of your password, even if they gain access to your e-mail inbox. They can still change your Lottery Post password if they have access to your inbox (and know your LP Username), but they cannot discover the password that you used.
          3. Most importantly, I have changed the Lottery Post server so that it uses one of the computer industry's best-possible hashing algorithms — called Bcrypt — to store password hashes. Lottery Post maintains very tight security protocols, but even if someone were to find a way to hack into the Lottery Post database and steal the entire user database, there would be no way to pull out or reconstruct the passwords. If I used an older hashing scheme to store the passwords it would be possible for a hacker to use programs to work out the passwords, but not so with the hashing in place now.

          A major security upgrade like this is a very large, complex undertaking, and is a project I have been very carefully working on for months. When implementing new security, there are no second chances — everything needs to go well on the first shot. So I was probably more nervous about this upgrade than anything I have done in years.

          I have never had, nor do I foresee, the Lottery Post database being hacked, but then again I'm sure most of the other companies that have suffered security breaches felt that way before the intrusion. I would rather not see Lottery Post among the Web sites that had their passwords hacked, so this upgrade was entirely a proactive move on my part.

          After installing the upgrades this afternoon, many of you experienced an issue with log in failing. That's because your account was not yet converted over to the new security system. (See If you can't log in, please read this, posted today at 2:11 pm Eastern Time.) At this point all the active memberships are converted over, and the system is finishing converting the rest. It will be completely finished this evening.

          The security upgrades also reach into the Chat system, and I have even beefed up the security there. As someone using Chat, you'd never know the difference, but from the system's perspective it is much, much harder for a hacker to breach or exploit.

          If you are interested in learning more about password security, I'd suggest Googling password salting and hashing.

          Other updates

          While the new security system was the biggest upgrade, there were a number of other minor things that were included in today's upgrade.

          • The VTracs Results page now separates the Illinois My3 results from the regular Pick 3 results, and the My3 VTracs history is now available by clicking on the game name on the VTracs results page.
          • There is now built-in support for Windows 8.1 start screen live tiles. If you pin Lottery Post to the Windows 8.1 start screen, you will get news updates right on your start screen. I also created support and graphics for all the new tile sizes. (Windows 8.1 will be available for Window 8 users to download in the coming months. It will be a free upgrade from Microsoft.)
          • The new spell checker that replaced the now-defunct Google spell checker was part of this upgrade, but I was able to install it two days ago rather than waiting until today.
          • I upgraded to the latest release of jQuery, as I always try to do when performing a big upgrade. jQuery is part of the code that makes up each page, so new releases often help fix bugs and increase performance in various areas.
          • I upgraded the mobile device detection to include the latest mobile devices and browsers, which helps when you browse Lottery Post uses anything other than a desktop computer.
          • A ton of other minor wording changes, tweaks, etc. Many of these minor changes have been finished for a while, but sitting around waiting for today's upgrade to install. Again, many of these will go unnoticed by most people, but they improve the overall quality of the site.

          I am happy and relieved to finally get this upgrade out of the way. If you experience any problems, just drop me a note and let me know.

          You always continue to amaze me with your computer savvy....! Type  Thanks Todd for keeping our info safer!

          BTW, when I saw the first "Other updates", I got REALLY excited seing VTracs in the description.  For a brief moment, I thought it was about the VTrac search engine!!  Big Smile

          Lep

            Avatar
            Saint Louis MO
            United States
            Member #110749
            May 11, 2011
            2650 Posts
            Offline

            Thumbs Up

            Remember to flip 6's 9's, mirror front and end #'s, and do front/back3 for a hit!


              United States
              Member #116263
              September 7, 2011
              20244 Posts
              Offline

              Thumbs Up

                     I Agree!

                MADDOG10's avatar - smoke
                50
                Beautiful Florida
                United States
                Member #5709
                July 18, 2004
                25793 Posts
                Offline

                Todd, thanks for the updates...!

                                                             

                                                              When violence is the primary language that is spoken; be fluent.

                  star69's avatar - DiscoBallGlowing

                  United States
                  Member #81
                  September 22, 2000
                  1737 Posts
                  Offline

                  Todd, Thank You!!! 

                    Kola's avatar - image1
                    Rookie Time Traveler
                    Milky Way Spiral
                    United States
                    Member #28944
                    December 25, 2005
                    1575 Posts
                    Offline

                    Thanks Todd !

                    .

                      helpmewin's avatar - dandy
                      100
                      u$a
                      United States
                      Member #106660
                      February 22, 2011
                      19967 Posts
                      Offline

                      OK, so today Lottery Post had a big security upgrade. It is something I have literally been working on for months, and today I finally made the cutover to the new security system.

                      This upgrade was extremely important, in the following respects:

                      1. It enforces stricter passwords that are case-sensitive, and for the security-conscious can now be up to 200 characters in length. These types of passwords are great if you use a password manager (for example, LastPass) that generates random passwords for the websites where you maintain accounts. (For the record, everyone should be using a password manager like LastPass.)
                      2. I have gotten rid of the ability to send yourself a password reminder, and instead I have changed the "forgotten password" feature to a change password feature. That means that it is now impossible for anyone to get a hold of your password, even if they gain access to your e-mail inbox. They can still change your Lottery Post password if they have access to your inbox (and know your LP Username), but they cannot discover the password that you used.
                      3. Most importantly, I have changed the Lottery Post server so that it uses one of the computer industry's best-possible hashing algorithms — called Bcrypt — to store password hashes. Lottery Post maintains very tight security protocols, but even if someone were to find a way to hack into the Lottery Post database and steal the entire user database, there would be no way to pull out or reconstruct the passwords. If I used an older hashing scheme to store the passwords it would be possible for a hacker to use programs to work out the passwords, but not so with the hashing in place now.

                      A major security upgrade like this is a very large, complex undertaking, and is a project I have been very carefully working on for months. When implementing new security, there are no second chances — everything needs to go well on the first shot. So I was probably more nervous about this upgrade than anything I have done in years.

                      I have never had, nor do I foresee, the Lottery Post database being hacked, but then again I'm sure most of the other companies that have suffered security breaches felt that way before the intrusion. I would rather not see Lottery Post among the Web sites that had their passwords hacked, so this upgrade was entirely a proactive move on my part.

                      After installing the upgrades this afternoon, many of you experienced an issue with log in failing. That's because your account was not yet converted over to the new security system. (See If you can't log in, please read this, posted today at 2:11 pm Eastern Time.) At this point all the active memberships are converted over, and the system is finishing converting the rest. It will be completely finished this evening.

                      The security upgrades also reach into the Chat system, and I have even beefed up the security there. As someone using Chat, you'd never know the difference, but from the system's perspective it is much, much harder for a hacker to breach or exploit.

                      If you are interested in learning more about password security, I'd suggest Googling password salting and hashing.

                      Other updates

                      While the new security system was the biggest upgrade, there were a number of other minor things that were included in today's upgrade.

                      • The VTracs Results page now separates the Illinois My3 results from the regular Pick 3 results, and the My3 VTracs history is now available by clicking on the game name on the VTracs results page.
                      • There is now built-in support for Windows 8.1 start screen live tiles. If you pin Lottery Post to the Windows 8.1 start screen, you will get news updates right on your start screen. I also created support and graphics for all the new tile sizes. (Windows 8.1 will be available for Window 8 users to download in the coming months. It will be a free upgrade from Microsoft.)
                      • The new spell checker that replaced the now-defunct Google spell checker was part of this upgrade, but I was able to install it two days ago rather than waiting until today.
                      • I upgraded to the latest release of jQuery, as I always try to do when performing a big upgrade. jQuery is part of the code that makes up each page, so new releases often help fix bugs and increase performance in various areas.
                      • I upgraded the mobile device detection to include the latest mobile devices and browsers, which helps when you browse Lottery Post uses anything other than a desktop computer.
                      • A ton of other minor wording changes, tweaks, etc. Many of these minor changes have been finished for a while, but sitting around waiting for today's upgrade to install. Again, many of these will go unnoticed by most people, but they improve the overall quality of the site.

                      I am happy and relieved to finally get this upgrade out of the way. If you experience any problems, just drop me a note and let me know.

                      how you get the password Hat


                        United States
                        Member #128784
                        June 2, 2012
                        5431 Posts
                        Offline

                        how you get the password Hat

                        What happened to you? You got lost finding your way back home?  lol

                        MIA for a month now What?

                          haymaker's avatar - Lottery-012.jpg
                          Egg Harbor twp.south Jersey shore
                          United States
                          Member #112963
                          June 29, 2011
                          4137 Posts
                          Offline

                          Todd, thanks, you are THE MAN!

                          And that new spell checker is "ZAPP" ! lightning fast !

                          Extraordinary Popular Delusions & the Madness of Crowds    -- Charles Mackay  LL.D.

                            helpmewin's avatar - dandy
                            100
                            u$a
                            United States
                            Member #106660
                            February 22, 2011
                            19967 Posts
                            Offline

                            What happened to you? You got lost finding your way back home?  lol

                            MIA for a month now What?

                            Orlando No misspellings found.

                              maximumfun's avatar - Lottery-030.jpg

                              United States
                              Member #124610
                              March 16, 2012
                              3713 Posts
                              Offline

                              wow.  Todd - my head spun while reading your post.  Thank you once again for all your hard work and dedication to this site!