Good day
Today I create account on this forum, but after some time(~30-50 min.),I found out that when I visit forum again, I am not logged in.
When I try to log in, I get message:
"No account with email address silmor.******** exists. Please go back and try again."

To put it mildly, I was very surprised, but I still allowed the possibility of some kind of problem at the forum level, and recreated account with the same data.
When checked the account after ~ 50 minutes, I found that it "disappeared" again.

I asking forum administrators to check what is the reason for this strange behaviour or someone's actions(don't want to sound paranoid, but still).

To confirm that I have already created accounts, and all this is not my sick fantasy, below are screenshots from my account's profile page.

These two account(that already disappeared) was created about 21:21 UTC 03.03.2023:

And 22:13 UTC 03.03.2023:

And this account(from witch I writing now) was created about 22:47 UTC 03.03.2023:

I'm not sure what is going on, but I forwarded your thread to the person with database access.

One option is that the email account(s) used are compromised, that someone else has access to it/them. I'm not sure if we send out an email on account creation, but someone who has access to your email account could use it to get a temporary login link on the forums and delete the account that way, but that leaves emails in the email account (which of course can also be deleted by the other person).

We have disabled account creation on the forums for now.

Good day, Jord
The possibility of compromising E-mail can be excluded for the following reasons:
1) There is no e-mail notification when forum account is created. E-mail verification occur only if you click the "Create" button in Community section of account settings page to create "Profile".
2) 2FA(OTP) is used to access my E-mail accounts.
3) I also audited access logs of E-mail account - all active sessions are only from trusted devices controlled by me.

Also about the verification of E-mail:
- The confirmation link in e-mail message contains http scheme instead of https.
This should be corrected.
- These e-mail messages sended form server isaac.ssl.berkeley.edu not protected by any of known methods:
There is no DKIM signing, no SPF and (active) DMARC policy for domain boinc.berkeley.edu, from which these messages are send([email protected]).
So, someone can relatively easy send spoof messages on behalf of boinc.berkeley.edu.
https://www.hardenize.com/report/boinc.berkeley.edu/1677879353#email_spf
https://www.hardenize.com/report/boinc.berkeley.edu/1677879353#email_dmarc

I'm not sure what is going on, but I forwarded your thread to the person with database access.

Good day, Jord
Is there any news about that problem?