If you were recently asked to update your password to log into Mystic Medusa, apologies for the inconvenience. We updated our security settings so that anyone using a potentially insecure password has to change it.
What counts as potentially insecure? Any password that is extremely basic (eg: 1234 or your name) or – more significantly – that you used on a site which was breached.
You can visit Have I Been Pwned to check if your email was involved in a data breach.
The error message does not mean, as a few people have feared, that Mystic Medusa had a security issue. It’s the opposite – we’re now making people change insecure passwords to protect the integrity of our members.
If MM did ever experience an issue, we would notify all site users immediately as this is a legal requirement as well as obviously the right thing to do.
We’re extremely privacy and data-security conscious. As well as investing in various layers of cyber-sec tech, we do not contract out our admin support – they are in-house – and we use licensed developers from Codeable, who are security-checked. We also avoid various factors that can make sites more insecure or which compromise privacy – advertising, social log-ins, social share buttons and – for the time being – Paypal.
We needed to remove the Contact Support form temporarily as the anti-spam measures in place were not sufficient to deflect artificial-intel powered spam. However, it will be back by Wednesday, albeit with some form of additional captcha (I am not a robot) feature.
So again, sorry for the hassle or if you were perturbed by the message, but being compelled to use a more secure password is good for you and the MM community!
Thank you! I appreciate all these comments so much. Astrogeek, Penelope and Trish, this should not be happening – however, if it is it would be because (a) you haven’t ticked the ‘stay logged in’ box or (b) something to do with your browser cookie settings – I noticed it happening to me when I was using Firefox as it has privacy settings to stop some tracking cookies. We don’t do any of that but the ‘stay logged in/remember me’ feature does have a cookie. So, please can you message Support – the classic Contact form is now back btw – but check out the two points above first! xx
Thanks Mystic, appreciate the way you work and the security update post to let us know.
I didn’t get a prompt to change my password, but it does seem like I have to log in to access subscription content every time I visit now (whether on mobile or desktop). Minor inconvenience, but do you think it is something specific to my browser (Chrome)? I cleared my cache about a week ago for various reasons.
I had both but the requests to re-login stopped eventually.
I have the same scenario.
Thanks Mystic for being so security conscious with our data, you are one in a million! I feel like it’s a case of trying to stay one step ahead of the AI and the scammers every moment of the day – in every way. I have actually learnt more about online security from your posts/ website – then anywhere else 😀