Security — Websites, Blogs and the Internet

Security Rose

Well, it’s been one of those days. This site has been under attack for almost the entire day. Thank heavens for security programs (plug-ins) and WordPress.

When I finish reading my morning papers, I open my computer, check my email and run checks on our internet connection speeds from dslreports and Speakeasy (approved by TWC). Next, I go to Goodreads and see if there is anything new and interesting and then MacSurfer (for news and program updates). Last, that is, before losing myself for a half-hour in Facebook, I check my blog (yes, this blog).

I look to see who has been reading my posts and pages and any comments they’ve left. Usually, this takes all of a couple of minutes, but today, it’s a bit different.

After looking at the above, I went to Wordfence‘s Live Traffic feature to see the hits. Whoa . . . every few seconds these was another hit blocked by Wordfence: . . . was blocked by login security setting. at . . ./xmlrpc.php. No one actually got to any of my files but hundreds (thousands?) of hits was rather unnerving.

This was in addition to the normal googlebot, wordpress.com and human traffic.

Just in the last hour there have been more than 150 hits from IPs all over the world. Plus, some 270 attempts, throughout the day, to log in to my site as me — or, at least, into my old, and deleted, username.

If you’re having the same kind of trouble and you don’t have any security on your site or back-up of your site — Get Something!!!

I use: Wordfence (the free version), Anti-Malware Security and Brute-Force Firewall, and UpdraftPlus – Backup/Restore. And, of course, a long and strong password.

Sunday Passwords

Sunday Passwords

An article in today’s OC Register by Thomas Hill (gobankingratres.com) entitled – 4 places burglars search for data – got me thinking again about computer passwords. You know, those letters, numbers and special characters we use to keep others from breaking into our files.

One of the problems with passwords is that if you actually use a word, a real word in any language, your files can be opened by a brute force dictionary attack. The same thing goes if you type it in backwards, duh.

One of the problems with hard to guess passwords — ones that contain letters, upper and lower case, numbers and special characters — is that they are so hard to remember. Therefore, we write them down. Hmmm . . . burglar breaks into house, turns on computer, opens desk drawer and finds pad with your banking password. Two minutes later your account is empty and his is full.

Need a good password(s) that’s (almost) foolproof and easy to remember?

Select a favorite quotation (or two or three).

For example: The man who was not Terrence O’Grady had come quietly. (From Agent of Change by Lee and Miller)

Take the first letter of each word: TmwwnTO’Ghcq — an easy to remember password with upper and lower case letters, an apostrophe, and is twelve digits long. Need a number in the mix? Substitute the capital O with a zero — TmwwnT0’Ghcq

Need more numbers or a longer password? Look on the same page: Standard Year 1392.

New password: TmwwnT0’Ghcq1392

You really think someone is going to guess this? And, if you forget part of it, all you have to do is get the book from the shelf (which, of course, is in another room).


 

Want to check the strength of your passwords? Try one, or all of the following:

http://www.passwordmeter.com/

http://password-checker.online-domain-tools.com/

https://www.microsoft.com/en-gb/security/pc-security/password-checker.aspx


Need other numbers?

Use the last four digits of your best friend’s (the one you had while in you were in elementary school) phone number.

Do you remember your first phone number? (same thing as above)


Other examples:

There is a house in New Orleans they call the Rising Sun:
TiahiNOtctRS
T1ah1N0tctRS

Oh! I have slipped the surly bonds of Earth
And danced the skies on laughter silvered wings:
OIhstsboEAdtsolsw,
o1hstsb0EAdts0lsw

(From High Flight by John Gillespie Magee, Jr., which I had to memorize for an oral presentation in elementary school.)

Haven’t got a prayer of remembering this stuff? Try a prayer.

Our Father who (which) art in heaven, hallowed be thy name.
OFwaihhbtn or — OFwaihhbtn1392
0Fwa1h,hbtn or — 0Fwa1h,hbtn1392
0Fwa1h,hbtn. or — 0Fwa1h,hbtn.1392

Last piece of advice: Do NOT use your bank account password for anything else, under any circumstances, and if you have only one real good password, use it here.


This Post made possible through the aid of Smoke and Mist — sleeping quietly on the sofa.

Smoke and Mist — Helping Passwords
Smoke and Mist — Helping

Now, back to reading The Life and Times of Horatio Hornblower.