[wp-hackers] Porn links in google cache
Justin W Hall
justin at justinwhall.com
Thu Jul 14 19:24:14 UTC 2011
Can you ever really 100% verify the breach? I do use lastpass...
On Jul 14, 2011, at 3:02 PM, Dre Armeda <feeds at armeda.com> wrote:
> Best way to manage that David is to use a password manager:
>
> http://keepass.info/
> http://lastpass.com/
>
> These are just two examples.
>
> Dre
>
> On 7/14/11 11:58 AM, David Law wrote:
>> On Thu, 14 Jul 2011 09:32:58 -0700, you wrote:
>>
>>> Variations of the attack happen through FTP credential
>>> hijacking (Don't use FTP, use a secure alternative like sFTP/SSH. If you
>>> must, don't save your credentials in your client), others we've seen
>>> have spread because the hosting provider has no business being a hosting
>>> provider (Choose your home wisely).
>>
>> I had some of my WordPress sites hacked, couldn't 100% confirm the
>> security flaw, but beleive it was a combination of using Filezilla and
>> saving passwords (Filezilla saves the passwords in text format, no
>> encryption!!!) and not updating an Adobe Internet Explorer plugin on
>> the PC I use to connect via FTP!
>>
>> Fortunatly keep regular backups so didn't cause long term damage, but
>> changing around 170 passwords (100 FTP, 70 WordPress logins) isn't a 5
>> minute task!
>>
>> David
> _______________________________________________
> wp-hackers mailing list
> wp-hackers at lists.automattic.com
> http://lists.automattic.com/mailman/listinfo/wp-hackers
More information about the wp-hackers
mailing list