ADDRESSING ACCOUNT SECURITY ISSUES

Recently two of our clients have had their accounts compromised.  After the audit of the accounts we found that the comprise was contained just to those reporting it.  After a thorough investigation, we concluded that the attack vector was a previously compromised password (from another website).  We are taking every precaution to keep your information and accounts safe in our account security policies. Keeping your data out of nefarious individual’s reach may require involvement on your part.  We are asking you to meet us half-way on this.  Everyone needs to be aware that here are issues that are causing account breeches.  None of these issues pertain to Goldsboro Web Development.

UNINSTALL ANY WORDPRESS PLUGINS NOT INSTALLED BY US

We cannot vouch for any plugin not installed by us.  You must keep in mind that some plugins aren’t secure.  Some plugins allow for direct file management.  This creates a very large security hole on your website allowing for attackers to access anything from files to your database and email credentials!  It is very important to keep your credentials private and only accessible by you!

Not only can rogue plugins provide a hole into your website and account security, but the more plugins you use, the slower your website will be.  It will help in many ways to uninstall plugins you do not need.

MAKE SURE YOUR PASSWORDS ARE SECURE

The absolute first thing you need to do is to check if your password has already been comprised previously.  To do this check this website to search for your password.   If the website says your password has been ‘pwned’, CHANGE IT IMMEDIATELY!

It is extremely important to avoid dictionary words in your passwords.  Terms such as “princess” or “superman” are dictionary words that can be easily guessed or decrypted.  However, to easily remember your password you can add special characters to those words to make them extremely secure:  [email protected] for example. This is still “SuperMan”, but there are so many combinations necessary to guess that password that it is almost impossible with modern brute-force deterrents.

USE VPN’S OVER PUBLIC WIRELESS HOTSPOTS

VPN, or Virtual Private Network is a feature you can enable on your phone to established a secure tunnel to a trusted provider that will not snoop through your data. At a public wireless hotspot, anyone can capture and record the data you send.  Having the extra level of encryption from a VPN will go a long way to ensure your passwords are secure.  This will help to maintain account security while on the go.

YOUR RESPONSIBILITY

Remember, it is your responsibility to maintain secure credentials on our website and while using our services.  If a hacker breaks into your account and uses it for nefarious purposes, we will have to hold you accountable.  If you have any questions about this, please open a support tick or chat with me in live chat and I’ll explain things in plain English to best help you secure your accounts.