Search company, investor...
phpBB company logo

phpBB

phpbb.com

About phpBB

phpBB offers news, support, and downloads of the forum software, modifications, and templates of PHP.

Headquarters Location

P.O. Box 243

Harbinger, North Carolina, 27941,

United States

Missing: phpBB's Product Demo & Case Studies

Promote your product offering to tech buyers.

Reach 1000s of buyers who use CB Insights to identify vendors, demo products, and make purchasing decisions.

Missing: phpBB's Product & Differentiators

Don’t let your products get skipped. Buyers use our vendor rankings to shortlist companies and drive requests for proposals (RFPs).

Latest phpBB News

XKCD Forum Goes Offline After Discovery of Data Leak Affecting 562K Members

Sep 3, 2019

shares XKCD forum, the bulletin board associated with the popular webcomic XKCD, has been taken offline after personal information of more than 562,000 members was exposed online. “We’ve been alerted that portions of the PHPBB user table from our forums showed up in a leaked data collection,” XKCD said in a notice. “It is likely that it was gathered up in some automated scan taking advantage of a vulnerability in the forum software.” The exposed information — which was provided to HIBP by white hat security researcher and data analyst Adam Davies — included usernames, email addresses, hashed passwords, and in some cases an IP address from the time of registration. The comic created in 2005 by American author Randall Munroe goes by the tagline “a webcomic of romance, sarcasm, math, and language,” and often features mathematical, scientific, and pop-culture in-jokes. XKCD uses phpBB  — a free and open-source bulletin board software built in the PHP programming software — and according to Hunt, the passwords were hashed in MD5 phpBB3 format. New breach: XKCD had 562k accounts breached last month. The phpBB forum exposed email and IP addresses, usernames and passwords stored in MD5 phpBB3 format. 58% of addresses were already in @haveibeenpwned https://t.co/LGaAnj1hUA Hashing is the process of taking a plaintext user-provided password and converting it into a jumble of random characters by adding an optional salt string over several iterations that are then stored inside a database, without exposing the user’s real password. It’s a one-way encryption function. Although MD5 is still widely used, the password hashing scheme (along with SHA1) is considered “ cryptographically broken ” unlike stronger, newer alternatives like BCRYPT , SCRYPT, and Argon2 due to increased possibility of collision attacks — wherein two different plaintext messages produce the same hash value. It’s because of this reason that websites, web, mobile, and other applications must use a strong password hashing system to safeguard user data. If anything, the incident serves as yet another potent reminder as to why software needs to be constantly kept up-to-date, especially if they are from third-parties. Although phpBB migrated to BCRYPT with version 3.1 and later, it’s very much possible early users of the XKCD forum had their passwords hashed using MD5, which was the standard in phpBB before it was replaced with BCRYPT. Realistically, this could have been avoided if a hash upgrading scheme was in place to move users from MD5 to BCRYPT upon login. For now, the same rule of caution applies. In the event you turn out to be among those affected, immediately change your XKCD password, as well as any other accounts on which you used the same (or similar) password.

phpBB Frequently Asked Questions (FAQ)

  • Where is phpBB's headquarters?

    phpBB's headquarters is located at P.O. Box 243, Harbinger.

  • Who are phpBB's competitors?

    Competitors of phpBB include Say Media and 2 more.

Compare phpBB to Competitors

Say Media Logo
Say Media

Say Media works with advertisers to create authentic campaigns that are aligned with editorial and designed to captivate readers. The company also does in-depth research and creates beautiful media experiences for publishers.

C
CrowdGather

CrowdGather is a web service for forums that aims to provide an interactive and informational social network for members, a management and revenue-sharing resource for third-party forum owners, and an advertising network for marketers worldwide.

Huddler Logo
Huddler

Huddler is a digital media company and technology platform that powers knowledgable and passionate communities online. Through its technology and platform, the company makes communities more engaging for enthusiasts and marketers. Huddler's enthusiasts ask and answer questions, share product reviews, collaborate on wiki articles, and generally thrive on being able to share passion with one another and the digital world at large.

Discover the right solution for your team

The CB Insights tech market intelligence platform analyzes millions of data points on vendors, products, partnerships, and patents to help your team find their next technology solution.

Request a demo

CBI websites generally use certain cookies to enable better interactions with our sites and services. Use of these cookies, which may be stored on your device, permits us to improve and customize your experience. You can read more about your cookie choices at our privacy policy here. By continuing to use this site you are consenting to these choices.