WARNING: Virus steals FTP passwords

Just read this and it sent shivers down my spine. . .

Summary - virus steals ftp passwords, logs into your websites and injects malware code into all the index and default pages

I've noticed a number of folks in the wpmu dev community have experienced malware injection and hacking issues etc. So if you've got your ftp passwords stored on your machines and especially in your browsers - be warned.

It is inevitable that we can't 100% protect ourselves from downloading something nasty - but we can make life harder for those wanting to steal vital info (passwords etc).

I use http://keepass.info/ (How good is it? I've never had an issue, touch wood) There are lots of password encrypted storage systems - might be time to invest some time in looking for one :wink:

  • Chris

    My big issue is that I use various computers all over the shop. I need to have memorable passwords for accounts. When you have 30+ accounts, that's a hard one to pull off.

    And using a site to store it means I'm screwed when the site is blocked by the firewall.
    And using software to store it means I'm screwed when not on that PC.
    And using portable software to store it means I'm screwed when the network admins block flash drives.


  • Philip John

    Yeah, these things do happen - seen it myself plenty of times.

    As for passwords it is fairly easy to generate unique passwords for an infinite number of services. You want to get yourself a simple algorithm.

    First, start off with a standard string that you can remember such as "uGg74a"

    Then, work out a little calculation based on what service your using. So, for example you might say "take the first vowel from the name and give it a number based on A=1, E=2, I=3, O=4, U=5.

    For WPMU DEV, that'd be 5. Now insert that at the beginning of your standard string, making 5uGg74a.

    Then you might say "take the second to last consonant from the name" which for WPMU DEV is D. Now add that to the end of your standard string to make "5uGg74aD".

    There you have a unique password for each service that you can remember.

    For Google, it'd be "4uGg74aG"

    It might sound complicated but it's actually very simple and will be second nature once you start using it.


Thank NAME, for their help.

Let NAME know exactly why they deserved these points.

Gift a custom amount of points.