Resetting the Password


If you’ve been following the recent blogosphere buzz, you might have seen a post from Microsoft’s Security Response Center blog regarding password recycling.  In this case, “password recycling” is defined as the practice of reusing old passwords from one site to gain access on another site.  

The reason for this article is that a user reused a password on the microsoft.com site and was subsequently able to gain administrative access of various systems, some of which were used for sending out information via email.  While Microsoft had controls in place to limit this type of access, it’s clear that more can be done.

how to change password on soundcloud

The first method is to strengthen the password itself .  With more sites implementing stricter policies with regard to passwords (such as not allowing dictionary words or letter/number combinations), it requires users to incorporate symbols and other numbers into their passwords.  This has two benefits: 1) it makes the password stronger, and 2) it eliminates the possibility of a password being recycled.

The second method is to limit the number of invalid login attempts before locking a user out of an account .  By monitoring failed login attempts, you can catch potential abusers by banning IP addresses after a certain threshold has been met.  

What to do if you’ve forgotten your password?

Typically, you can reset your password by entering the username and answering the security question accurately.  This will allow you to establish a new password for which you should ensure is strong and not recycled from an old password.

For more information on these and other security issues, please see Microsoft’s Security Guidance site .  

How to reset your password:

1.  Go to www.soundcloud.com and click “Forgot Password”

2. Enter the email address you use to log in and we’ll send a link to your email inbox that will allow you to set a new password

3. Once you’ve changed your password, make sure you sign out of all browsers and email programs you used to access your account.   

4.  In the future, please make sure that you do not use passwords that may have been created or reused on other sites.  

What to do if you can’t remember your username?

If you remember your email address, but not your username, click here to receive a prompt to help you recover the username associated with that email address.  Please note that this prompt is only sent once; if there are multiple matching usernames in our system then only one will be displayed.   If you need additional help retrieving your username, please contact us here .

How to find out your username

1.  Go to www.soundcloud.com and click “Sign In”

2. Click “I Can’t Access My Account” in the top right corner of the screen

3. Enter your email address and we’ll send a link to your email inbox that will allow you to reset your username

4.    Once you’ve changed your username, make sure you sign out of all browsers and email programs you used to access your account.  

5.  In the future, please make sure that you do not use passwords that may have been created or reused on other sites.   

Conclusion

We understand the importance of keeping your data secure and not sharing it with unauthorized users.  In this case, a password recycling scheme at another site allowed an attacker to gain access into other systems outside of Soundcloud.com .  While we have tools in place to monitor failed login attempts as well as limits on possible passwords, these limits were bypassed by the attacker.  


Leave a Reply

Your email address will not be published. Required fields are marked *