Where Tech meets Church
25 May
So the church hosting account got hacked.
I don’t really know when but the first I was aware was a very terse email from our hoster:
Hello,
We regret to inform you that your account has been suspended for the following reason:
compromised account, spamming
Please contact us as soon as possible to discuss your options for reinstatement.
Sincerely,
Well OK, that’s fair, but surely they could have given us a clue as to what caused them to be aware of this, so we are better able to fix it, prevent it happening again and discuss it.
Turns out the rather simple password that was used for the cPanel account was just that – too simple, and consequently the hacker placed a few ‘iffy’ PHP files that were (so I’m told) sending out spam.
I’ve passed the file on to my eldest – he does PHP – and asked him to look it over.
The lesson today … use strong passwords.
Don’t know how, or worried about remembering them? Then read this about various password utilities. Need to create a strong password and don’t have one of the tools listed in my link? Then try this online password generator. My advice: at the very minimum use the defaults, but preferably up the character count to 16 or more.
Want to know what makes a strong / secure password? Then have a read of this article.
2 Responses for "Password Lessons"
I completely understand the need for a strong password. My question is: If you have the same "super 16 character password", can you use it for many different things?
It seems everything needs a password and I just don't feel organized enough to keep track of 20 different 16 character random passwords.
Any advice on this would be greatly appreciated.
Kevin, the short answer is no, it's not enough.
The longer answer is that if I (or anyone) guessed / worked out / cracked your password then I'd be able to access anything of yours.
If you have a look at my linked post (What's In Your Password) then you can see three excellent utilities for managing passwords. Personally I use and love Roboform and it's well worth the $30 investment. But what my post and each of the 3 utilities I mention do is help folks manage & generate passwords.
One other tip – if I'm on a forum where I don't care if someone hijacks my userid then I'm inclined to use the same password.