Welcome, I'm sure you've got some questions about what this site is, and why you'll need to change your password. Hopefully I've got answers!

TLDR: Password Reset Required

To use kumos.subeta.net, you'll need to reset your password. Reset your password on the login page and you'll get a request to your email, follow the link and choose a new password.

You can choose the same password you're already using, but we recommend choosing a new password every 6-12 months and using a password manager like 1password to manage your passwords.

Once you've reset your password, log in on https://kumos.subeta.net from that point forward. It will set login information for all of our sites!

What happened with auth.subeta.net

I built auth.subeta.net to be a bridge in what looked like a long road of getting all of our sites to use the same authentication system, while building new sites in a micro-service architecture. Think of something like google.com, gmail, google maps and youtube all using the same authentication, on sites that serve different puposes.

That isn't what we're doing anymore. You can read more about project Kumos here: [thread=8], but the short version is that we're building a new site that will completely replace Subeta, and take on every piece of functionality. No more singular wardrobe, or cash shop, or forums, or anything. It's all going to be one site, and it's going to be awesome.

To be that bridge, auth.subeta.net handles the legacy authentication system, which has been around for 20 years. To give you some historical context, for the first two years of Subeta we didn't even hash passwords in the database. They were just stored there, in plain text. I'm sorry 😭 I didn't know better! After that, we worked toward adding hashing and security to the login system, and have added to it piecemeal over the years. One thing we haven't done is require passwords to be updated to the newer hashing algorithms. The first hashing method used on passwords can be cracked in under an hour by a computer rented from AWS that costs under $5.

This site will log you in to all of Subeta, and does it in a way that is more secure than auth.subeta.net and requires the newest hashing methods available.

Why do I need to reset my password?

I built auth.subeta.net to handle the authentication between all of our sites, and made a concession to continue handling the legacy login on that site. That meant writing a bunch of code that allows old, out of date passwords to continue to be used, just so that we didn't need to get passwords reset.

Now we're going to just pull the bandaid, and require updating passwords across the board. This will update the password to using the newest method of hashing in our database and make your account more secure.