Skip to main content

AAVSO Servers Compromised

kqr's picture
Joined: 2010-03-12

There has been a security breach on the AAVSO website. Because passwords may have been compromised, we have cleared all user passwords. If you have not done so already, you must reset your password before you can log in.

Please Note:

  • If you used your AAVSO web password for any other non-AAVSO account, we strongly advise that you change it there as well.
  • The AAVSO International Database has been validated. There has been no loss of data.
  • Personal financial information is not stored on any computer or database at the AAVSO, and therefore was in no way exposed.

If you have any questions or concerns we urge you to contact us at or call us during regular business hours (Eastern Time) at 617-354-0484.

Great to see us back online
BGW's picture
Joined: 2010-10-03

I'm sure it has been several long days of hard work to get back on line:  thank you HQ staff!

Gary Billings

JMLA's picture
Joined: 2012-12-17

Gret Job Doc & Will!

Extra Kudos
uis01's picture
Joined: 2010-07-25

And it happened at the end of a week where all the staff had spent a large amount of time manning the booth at the AAS meeing downtown.  I think all AAVSO members would be proud of the way they represented us at the AAS.  Then this happened.  I think Doc in particular needs a well earned vacation :).

Doc and Will rock!
wel's picture
Joined: 2010-07-26


My understanding is that both Doc and Will worked most of the weekend to bring us back online. Great job and thanks to both of you!!!



Thanks, Doc
sgor's picture
Joined: 2010-07-31

Thank you, Doc! Now get some sleep!

lmk's picture
Joined: 2010-07-23

I used to work in computer sys admin many eons ago, in the good old days of VAX/VMS and Unix. I am sure things are light years more complex nowadays with all the Windows security holes, cloud-based and internet apps, etc.

Thanks for the certainly hard work Doc & Will :)

Mike LMK


Password change
PYG's picture
Joined: 2010-07-08

Congratulations to everyone involved in getting the AAVSO site back up and running again.

There does apparently remain some problems though.  Eddy Muyllaert has asked me to mention here that he is unable to change his password to log-in, as he isn't receiving the e-mail back from AAVSO with further instructions (so he is unable to post here himself).  He has apparently sent a few e-mails to individuals asking for help, but no response (maybe they are getting some well earned sleep Eddy :-).  If someone at HQ reads this, perhaps they might contact Eddy and give him some advice please.

Gary [PYG]

Yes, thanks to everyone for
PJOC's picture
Joined: 2012-12-01

Yes, thanks to everyone for getting things back up.

I sent an email to (I was after a sequenc for AO Aqr).  It bounced - I presume because things are not entirely fixed yet.  Justn letting you know in case it might be helpful.




Password change problem
BGW's picture
Joined: 2010-10-03

I changed my password on first post-resurrection login.  I was forced to use a tricky password...  which I seem to have forgotten already, or at least it is not accepted.  When I use the "forgot my password" process again, it sends me a link that logs me in, but when I go to "reset my password", a page comes up saying I am not authorized to do so.


Gary Billings

Thank you for the efficient
JAC's picture
Joined: 2013-12-10

Thank you for the efficient recovery, and for the security information regarding password exchange.

thumbs UP for the staff involved.

there seems to be problems with the Tools of the aavso, several internal servers errors, and information disclosures of type of operating system. 

was there any problem with recent submission of measures of variables?

since they don't appear in the light curve generator?

kind regards



Data upload to SunEntry
BRAF's picture
Joined: 2010-08-27


I'm no longer able to upload sunspot data through SunEntry, I now receive a server communication failure. I do not know if this problem is related to the security breach. I have changed my password and installed latest Java update but this did not help. 

Thank you for any assistance in solving this issue.

Raffaello Braga (Milano, Italy)

Security Breach
drob's picture
Joined: 2010-08-31

My son manages a server farm and I know indirectly the amount of work that both Doc and Will had to do to get the system back up.  Yes there is still work to be done and system checks to go through, however I have been able to access everything that i need to access.  I greatly appreciate their efforts.  Thanks guys for all of your hard work





New Password
conan's picture
Joined: 2012-01-25

I had the same problem as Mr. Billings when I tried to get a new password. But I noticed I was signed in after using the link, and I just went to my account page, and entered a new password like I would normally do any old day, and that works now. So if ones emailed link still works, you can try that. 

- - Conan 


Have overcome password changing problem
BGW's picture
Joined: 2010-10-03

Yes, what Conan reported works for me, too.  I.e. going to "my account" and changing the password, rather than using the link from the email re the one-time password.


Gary Billings

AAVSO 49 Bay State Rd. Cambridge, MA 02138 617-354-0484