One of the users on my little system got their account hacked and the hackers put up a fake paypal site. I had my connection disabled, and was vaguely threatened with legal action if it happened again.
I've disabled all websites on the folkwolf for now, and I'm going to tighten up the password rules, as well as look at other options for tightening up security. It seems running a publicly accessible website is an invitation to get sued these days.
I want to keep the server publically accessible, but I can't have the risk of having being liable for other people having their account hacked.
If anyone has any ideas on how to resolve this, shoot me an email.
I'm going to disable all accounts. If you want your account re-enabled shoot me an email and I'll reset your password. Unfortunately, this is the only way to be sure that everyone has a secure password
Published
22 February 2008