cat slave diary

So it’s finally happened

Written by

Andrew van der Stock

in

Passwords. Pah.

After running my blog on various virtual hosts and VPSs since 1998, my measures put into place to protect this site and the others on here were insufficient to protect against weak passwords.

Let’s just say that if you are a script kiddy and know all about press.php, tmpfiles.php and others, you have terrible operational security. There will be consequences. That is not a threat.

Comments

2 responses to “So it’s finally happened”

  1. palako Avatar
    palako

    Best is to assume that you’re credentials are going to be compromised sooner or later, no matter how strong they are, and do something about it. Check out this plugin: https://wordpress.org/plugins/latch/

  2. vanderaj Avatar
    vanderaj

    If anything, I will add Google two factor authentication. I’ve already demoted the account that was broken into to a normal WP user and rotated all the passwords.

Leave a Reply

Your email address will not be published. Required fields are marked *

More posts