If you're suddenly having trouble logging-in to the site, and it was working for you as recently as Thursday, January 22, please read this message.
An urgent message from Jim Babka...
Yesterday, our Chief Programmer suddenly resigned. Today, Murphy came to visit. We are getting reports that suddenly people cannot login.
Our number one tech support problem had been login issues, and a good percentage of that class of problem came from individuals who were typing in their login information without regard to capitalization and lower case. Our system was "case sensitive."
The final act of our new departed programmer was to fix that problem. But...
...the result is that many who are presently logged-in are not recognized until they clear their old login, and re-login. I'm not a technician, and don't know why this is the case. But the solution is relatively simple. It's 4 (FOUR) direct steps.
If you are trying to send a message and you can't seem to login, please try this approach.
First, click on this link.
http://www.downsizedc.org/users/logout/all
It will log you out -- basically clear the deck.
Second, go to
On the top right hand side of the page, directly beneath our Messages to Congress stats, you'll find a button that says Log In. Click on that button.
A tiny window will pop-up there that will permit you to enter your user name and password. Please do so, from scratch -- that is, type it in manually (do not rely on what is saved).
If you did it right, the window disappears, and so does the word Log In. In tiny type, below the stats and above the green bar, you'll see that you're logged in and a little link to log out. If you see that, then you're in.
Third, on that same green bar on the top of the page, all the way over to the left, you'll see the word Home (located beneath the Downsize DC logo). Next to that is the button Campaigns. Click on the Campaigns button.
All of DownsizeDC.org's campaigns should now be listed down the left side of the page. Please scroll down to locate the campaign that you're interested in. (For Wednesday, January 28, it's "Tell Congress to Cut Federal Spending" -- the icon for which is a pair of scissors, cutting dollar signs). Either click on the icon or the Go To Campaign button, and the campaign should pop up on the right hand side.
Finally, scroll down the right side of the page (the campaign you've just opened) and see if it says, "You're ready to participate:" and then lists you and your contact information, and below that your Representative and Senators and their contact info. If it does, you're logged-in.
WE APOLOGIZE FOR THE INCONVENIENCE.
If the above steps don't work for anyone, try clearing your browser cookies. That should get you in.
When one goes thru the steps, the user comes to a place to log back in, and it takes a double-click to make the tiny window come up.
Then the user may not notice that they are not loggin in on a secure page.
That goes back to one of the major problems you had before.
If this has something to do with cookies, as the previous person mentioned, then it once again shows the problem with the darn things. It always seems best to use a server-side method of tracking rather than something that leaves a trail and can contain viruses or be used as part of a security intrusion scheme.
In this case, simply link the login link to a proper, secure login page, instead of a pop-up window, and then allow your server to keep a person logged in until they log out or a period of inactivity elapses.
I'm also confused as to how this problem continues to occur since member management software has been used in forums and such for many years without any problems. Isn't that pretty standardized and secure?
Thanks.
If you guys haven't tested the site for security weaknesses you definitely should. I do this for a living and would be glad to run a vulnerability scan of the system (at no charge, of course) so we can find the low-hanging fruit and minimize the risks to the site and the members.
Don't assume everything's OK just because your developers say it's secure. You wouldn't believe the security oversights I see in practically every Web site/app I test. Lot's of careless stuff.
The last thing you or any of the members need is to have their accounts hacked and their personal information compromised - not to mention attackers sending unauthorized and even threatening messages to our representatives.
My contact info is in my reply to your email. Let me know - would be glad to help.