Kudos to those folks who mitigated the attack. And logging back in is a small inconvenience for me. I do worry about everyone on the instance waking up and finding that commenting isn’t working, trying one more time the next day and finding it still not working, and just giving up and never coming back. This may have been necessary but it can be a really negative impact on a community that’s trying to grow.
Just to add to this.
This is because the authentication tokens that your browser uses are stored in cookies, these match up with entries in the database.
As a way to mitigate the hack, admins deleted the entries in the database rendering the tokens in cookies useless.
This means that any tokens the hacker got access to are also useless.
Kudos to those folks who mitigated the attack. And logging back in is a small inconvenience for me. I do worry about everyone on the instance waking up and finding that commenting isn’t working, trying one more time the next day and finding it still not working, and just giving up and never coming back. This may have been necessary but it can be a really negative impact on a community that’s trying to grow.