Upcoming Change to CC Login on April 19th

TL;DR: All registered users will need to change their passwords after April 19th. Click here for instructions on how to reset your password. If you have any trouble send us an email at admin@collegeconfidential.com

Hi everyone,

Protecting the privacy and security of our CC community is a very important part of our team’s responsibility. We take it very seriously. As part of our regular maintenance of CC, we review all areas of the site and identify where we can improve our security and keep pace with the latest standards and technology that helps protect the data of our users. Many users have asked us about our data and account management procedures and account change requests are some of the most frequent we get.

To that end, on April 19th, we’ll be rolling out a change to the way that users create accounts and log in. This change will update the way we protect vital information like emails and passwords and align it with industry security standards. Additionally it will bring several additional benefits:

• Easy changing of usernames (with admin approval)
• Easy changing of emails (you can do this yourself!)
• Eliminating several hiccups with registration
• Eliminate problem with logging in every time you visit
• Easier anonymization of accounts
• Pave the path for bringing back features like school lists

The only temporary drawback to this change will be that all logged in users will be logged out and be required to change their password. While annoying, this is a necessary step in our upgrade to new technology and standards.

WHHYYYYY do we need to do this?
Because you deserve the best system that protects your security, is reliable, and makes it easy to manage your own account.

When will this happen?
The upgrade is tentatively scheduled for early morning (3AM EST) on Monday, April 19th.

How do I reset my password?
I will post screenshots later this week that will show you step-by-step what you need to do.

Can I just reset my password now?
No. You’ll need to reset your password after we do the upgrade on the 19th.

I use the same password for all my accounts. Can I keep my password the same?
Uhhhh… I guess you could… but I highly recommend using a password manager and making the passwords on all your accounts different.

What if I don’t have access to the email associated with my account?
Send a PM to @CCAdminVic immediately with the email address you want to be associated with your account. When we do the upgrade, we’ll reset your email and then you can reset your own password.

Didn’t we just #@$! do this!?
It is true that there was a login change in December of 2019, but that was a completely different system and a small step towards this larger upgrade. That was a step in the direction of clearing out invalid accounts, this is making the login/registration system better as a whole.

Does this mean our security was bad?
No. We do not want to take a reactive approach to security and systems. Instead, we seek to be proactive and do the necessary work to keep our systems up to date with the best technology as soon as we can.

Was there a data breach? Is that why you’re doing this?
Heavens no. But there have been A LOT of breaches lately with some big name sites, which makes reviewing our systems and keeping them up to date even more important.

Please ask any questions below and I’ll do my best to answer as soon as I can. I’ll also update this post with screenshots of the exact procedure to follow to reset your password after the 19th.

Thank you for being part of the CC community!

What about if we don’t remember our password?

Not to worry - you don’t have to know your existing password. As long as you have access to the email on your account, you will request a “Reset Password Link” and set a new one. I’ll post a step-by-step walkthrough with screenshots so you’ll know exactly what to expect.

I’ve posted a step-by-step guide to resetting your password on Monday:

Are the password rules the same? Upper case, lower case, number and symbol?

We’ve loosened the complexity requirements in favor of a length requirement.

• Minimum 10 characters
• Cannot be on the list of most common passwords (e.g. 12345678 or “password123”)

My personal favorite is a set of lowercase random words:

xkcd Password Strength

740×601 90 KB

Any way we can keep the same password…or do we have to change it?

As long as it conforms to the rules, you can change it to whatever you want - I’ll never know.

(i.e. there’s no “can’t use the same password as before rule”)

I don’t know that this information is getting out widely enough to users of the CC fora. I mean, I log in every day (well, maybe not over weekends, but otherwise) and the only reason I heard about this was because it was mentioned in passing on a completely different social media site I’m on.

Just saying that there may be a blind spot on the part of site administrators (and this is a widespread problem, not just CC by any means) where there’s a belief that if something has been posted in an allegedly visible location, everyone who needs to see it will.

Me, for example, I come here to look at specific ongoing threads and not to surf all the latest posts, and I know I’m not remotely alone in that. For people like myself, as well as a good number of other sorts of users of the site, an announcement mentioned in a post in one corner of the fora like this isn’t enough to get the word out.

Agree…this needs to be in a big banner at the top of every single subforum and forum on this site. Otherwise…folks will miss it.

Whew - finally figured out how to do it. Better?

I’m not seeing that there is a change to the log in…just a click here button. I definitely wouldn’t just click a button on the top of the site unless I knew it was pertinent.

No change to logging in until after April 19th. The blue banner at the top is there just to let folks know the change is coming.

Screen Shot 2021-04-15 at 5.52.43 PM1896×444 25.1 KB

This is what I’m seeing. Nothing that there is a change coming, just “please see this post for all the information”. I think that should be clearer about a log in change.

Wow, that was the first version I posted for like 30 seconds before I realized what happened. Here’s what it should look like now:

Screen Shot 2021-04-15 at 3.55.07 PM1139×147 12.9 KB

I think a refresh should correct it. (or maybe closing and reopening the tab?)

Still there Mike, after closing and reopening. It’s correct on my phone but not my laptop.

But, just came back to the laptop and now it’s reading correctly! Very weird but hopefully other people don’t have the same problem.

@CC_Mike thank you. I see it clearly using an IPad 8. I’d leave it up for a LONG time…

I also heard about the upcoming change on a completely different platform. Today the notice was flashing briefly on the screen each time I changed topics, but not long enough to click on anything, so I went looking for it.

I don’t actually see that blue banner unless I’m at the first post of a thread. I did finally see the banner when I went to the Parent Form start page. Maybe you could also make it a different less tasteful color?

I actually can’t change the color, but I’m pretty sure that’s the first time I’ve been asked to make something on the site less tasteful!

Now I’m really curious - where else are you hearing about this change?

There have been lots of CC spinoffs over the years—f’rex, sometimes folks on the Parents of the Class of 20xx groups will create private Facebook groups so that they can share pictures of their kids (as well as sharing other news in what is effectively a non-public forum).

I heard about it effectively simultaneously on two of those (one of the ones I mentioned above, plus another more general-purpose one).