Security

Putting Password Strength Testers Everywhere

Posted: February 15, 2010

I recently saw something terrible happen again. Another website was hacked with a very simple attack. An attack that's been used time and time again. It was a brute-force attack trying common usernames and passwords. This is annoying to have to fix, trouble when the server or site is being used for something malicious, and the users feel terrible for being the cause with their weak passwords. There is something we can do about it. We can put password strength testers everywhere someone sets a new password or changes an existing one. Let users know the passwords are weak and what they can do to make them stronger.

Life After Being Hacked

Posted: October 28, 2009

I was hacked! That terrible thing finally happened to me. And it was all my fault. Come learn from my mistake.

Image: "This website has been hacked by =cipher=" by Salim Virji on flickr

Being hacked sucks. Not only do you have to deal with the shame of being hacked, but it's a lot of work to recover from it well. This month my web server was hacked and someone used about 2 TB (2,000 GB) of outgoing bandwidth to do something shady. My best guess is that some site had a DDoS attack courtesy of my shamed server.

Here is an opportunity for my loss to be your gain. As part of my effort to make it hard for something like this to happen again, I've been implementing security solutions for my server and habits. The kinds of things you would hope would be implemented by default by a hosting company but rarely are.