16 April 2013 - 8:38am | posted by | 1 comment

Wordpress users advised to change passwords following hack

Wordpress users advised to change passwords following hack Wordpress users advised to change passwords following hack

Wordpress users are being advised by its founder, Matt Mullenweg, to update their security settings following sustained botnet attack involving ‘tens of thousands’ of computers.

The attack, which has been ongoing for a week, targets individual accounts where the username has defaulted to admin, bombarding them with thousands of popular passwords to gain access.

Some 17 percent of the world’s websites are currently powered by Wordpress, the equivalent of 64m separate sites, which gives an indication of the true scale of the problem.

Mullenweg wrote on his blog: “Almost 3 years ago we released a version of WordPress (3.0) that allowed you to pick a custom username on installation, which largely ended people using “admin” as their default username. Right now there’s a botnet going around all of the WordPresses it can find trying to login with the “admin” username and a bunch of common passwords, and it has turned into a news story (especially from companies that sell “solutions” to the problem).

"Here's what I would recommend: If you still use 'admin' as a username on your blog, change it, use a strong password.”

Don't miss out... Get your Digital news by email

See all specialist newsletters

7 related companies from Profile Hub, The Drum's modern marketing directory:

Comments

16 Apr 2013 - 18:26
yablon

I'm afraid you completely misquoted what Matt said. He said CHANGE YOUR USER NAME to something unique. Use a strong password was always a given, but the point here is that you need to have two log-in parameters that are unique, not that you need to change your password!

BTW: Besides writing about this yesterday ( http://answerguy.com/2013/04/15/hacking-wordpress-cms-content-management... ), we happened to do a video on this subject just last week: http://answerguy.com/videopost/you-cant-build-a-web-site-in-one-hour-adm... .

It's a real issue, but the truth is that it takes very, VERY little to protect against this kind of thing.

1
0

Please sign in or register to comment on this article.

Latest Projects from the Profile Hub

dlc - Responsive website

17/09/2014
dlc is the UK’s leading, independent debt recovery firm,...

Ecommerce Solution for B2B and B2C Retailer

16/09/2014
Talking Tables provides high quality party decorations for...

Peak Scientific Innovation - Brand Communications for US Market

16/09/2014
Peak Scientific is a leading Scottish gas generator...

Messages in the Deep

16/09/2014
“Messages in the Deep” tells the remarkable tale of the...

Launching New Scrabble Format in Digital Era

15/09/2014
The Challenge Launch two new formats of the classic board...