[wp-testers] Default.widgets.php Hacked? What to do?
Aaron D. Campbell
aaron at xavisys.com
Fri Jul 24 15:36:57 UTC 2009
Of course it is, but there's definitely a balance between security and
convenience. I just checked, and I have 33 sites (including login/pass)
stored in my FTP software (all sites I work on regularly). There's no
way I would remember them all unless I made them all the same (also
bad). It's even worse in my browser, I have 160 save logins (although
not all of those are sites I have admin on, and I don't save them for
banks, etc). It's not the most secure, but for me it's right mix of
security and convenience (since I have control of my system that stores
those and have decent security practices on it).
Jennifer Hodgdon wrote:
> Doesn't anyone besides me think it is a poor security practice to
> store FTP credentials on their PC at all? I realize it is a bit
> inconvenient at times to have to remember passwords, but if your FTP
> software is storing credentials in an unencrypted file, I think it is
> a HUGE security risk to let it store your FTP passwords. This also
> goes for your browser storing login passwords for your sites.
>
> --Jennifer
More information about the wp-testers
mailing list