Hackers trying your password at Ninjette
Hi all -
Getting a handful of notifications each day, that a user is trying to log into an account here 5 times, and is locked out for 15 minutes before being able to try again. The reason I am seeing the notifications is that an email is then sent out to warn the user that something may be going on, and then that email is bouncing because the user hasn't been here in so long that their email account is no longer the same. So I'm probably only seeing a subset of these, and many might not be bouncing back because the emails are still valid.
These attempts log the IP address, but the problem is that just about every one is coming from a completely different IP. It appears to be a persistent effort, used by proxies and/or botnets, that is not trivial to prevent, while keeping the site still usable / accessible.
So - consider changing your password on this site and others from time to time. Use as strong a password as you are comfortable with. Consider using a password manager like LastPass or DashLane, which both automate using very complicated passwords on all the sites & apps you use. And let me know if you're seeing anything strange; I'll do the same here.
- Alex
|