A Cautionary Tale

Anything off topic, Pull up a chair and make yourself at home.
Idris
Site Admin
Posts: 5940
Joined: Sun Sep 15, 2013 6:10 pm
Location: Denbighshire, Wales

A Cautionary Tale

Post by Idris »

I recently had my website hacked. Actually, when I had a look at the files, I discovered evidence of three different hacks: the first had simply left a calling card in the form of a widowed file (i.e. present on the website but with no links from any page), the second had uploaded about 30 pages of shoes and handbags for sale, whilst the third had replaced the index page with one bragging about his successful hack.
Now I had deliberately left the randomly-generated password I had received from the provider unchanged, supposing that it was secure enough. How wrong I was! At only eight characters long (three lower case, three upper case and two digits), my on-line research very quickly showed that it was woefully inadequate.
In total, I must have spent a couple of hours researching passwords, and came to the conclusion that the two keys to a secure password are i) length and ii) the inclusion of non-alphanumeric characters (e.g. punctuation, currency symbols etc.)
This webpage carries an interesting discussion of just what constitutes a good password, whilst this page has a really good password strength checker. This website will give you an idea of how long it would take to crack your password.
I strongly suggest that you make the time to look at the links I’ve posted: you’ll never look at your passwords in the same light again!
Moyboy
Posts: 784
Joined: Sun Sep 15, 2013 11:25 pm
Location: Sydney, Australia

Re: A Cautionary Tale

Post by Moyboy »

Very interesting - I checked all mine (I use 3 mainly) and came up with the following as run on a PC to crack them.
General one - 7 years
Memories site - 58 years
Moyboyz - 344,000 years

I honestly believe it can be done quicker than this though
godsey1
Posts: 143
Joined: Mon Sep 16, 2013 10:16 pm

Re: A Cautionary Tale

Post by godsey1 »

I put in the main password I use most and it was 4 billion years.

Tony
johnboy
Posts: 4054
Joined: Sun Sep 15, 2013 3:10 pm
Location: Hertfordshire, England

Re: A Cautionary Tale

Post by johnboy »

Strong passwords are a must these days coupled with different passwords for different sites, but personally I wouldn't want to use a password strength checker.
John
There's nothing regular about wheels
nickjones
Site Admin
Posts: 2355
Joined: Tue Nov 20, 2012 12:54 am
Location: Clacton on Sea, Essex, UK

Re: A Cautionary Tale

Post by nickjones »

I have a 16 digit password that uses upper and lower case letters, numbers and punctuation marks. Hopefully it should keep the hackers out, at least for now.
Nick Jones.
In sunny Clacton-on-Sea, Essex, UK
SMS88
Posts: 1544
Joined: Mon Sep 16, 2013 12:23 am

Re: A Cautionary Tale

Post by SMS88 »

It is sensible to use currency and punctuation in passwords; however, these days hacking is not so much guessing them as stealing them, so the best protection can be sites like eBay which randomly reject correct passwords so you enter them a 2nd time to prove you are sure!
Idris
Site Admin
Posts: 5940
Joined: Sun Sep 15, 2013 6:10 pm
Location: Denbighshire, Wales

Re: A Cautionary Tale

Post by Idris »

SMS88 wrote: It is sensible to use currency and punctuation in passwords; however, these days hacking is not so much guessing them as stealing them, so the best protection can be sites like eBay which randomly reject correct passwords so you enter them a 2nd time to prove you are sure!
Clever!
motorman
Moderator
Posts: 6863
Joined: Sun Sep 15, 2013 6:09 pm
Location: Glasgow, Scotland

Re: A Cautionary Tale

Post by motorman »

SMS88 wrote: It is sensible to use currency and punctuation in passwords; however, these days hacking is not so much guessing them as stealing them, so the best protection can be sites like eBay which randomly reject correct passwords so you enter them a 2nd time to prove you are sure!
Now I never knew that... and that explains why I have had a couple of rejected attempts to log in, even though I was sure I had typed in my correct password!!
MOTORMAN

"Kill all my demons and my angels will die too"
Idris
Site Admin
Posts: 5940
Joined: Sun Sep 15, 2013 6:10 pm
Location: Denbighshire, Wales

Re: A Cautionary Tale

Post by Idris »

I am becoming increasingly disillusioned with the company hosting my website (Active24). Can anyone recommend an alternative host based on first-hand experience?
nickjones
Site Admin
Posts: 2355
Joined: Tue Nov 20, 2012 12:54 am
Location: Clacton on Sea, Essex, UK

Re: A Cautionary Tale

Post by nickjones »

I'm with HostGator; their service seems fairly stable and I would recommend them, but Martin Avis is probably the one to ask.
Nick Jones.
In sunny Clacton-on-Sea, Essex, UK