About passwords and security

This site is under attack every few minute from computer bots trying to break in by guessing user names and passwords.

(Details of security arrangements available only to logged-in members.)

Obtaining links

When you request a link, it will invalidate any previously sent links. So look diligently for the email with your link, which might be in your spam filter.

I often see users repeating reset requests but getting locked out again, probably because they found and used an earlier link invalidated by a later request.

I used to monitor lockouts so I could check that the user succeeded in regaining access. However, with bots being locked out many times per hour, this is no longer practicable. If you are unable to regain access, you can contact administration via the contact form.

You should choose a password which is difficult to guess and not a commonly used one. A password regarded as weak is no longer accepted. Users with administrator privileges should use a strong password.

If some other site is compromised, malicious actors will try the compromised passwords on this site. So it is best to use a different password for each site you log in to.

Keeping track of dozens of difficult-to-remember passwords is impracticable without using a password manager. There are several password managers available. I use 1Password. It is a bit of an investment but worthwhile, given so much of our life, including finances, is now on-line. 1Password will also warn you if any of your registered sites have been compromised since you set your password, so you can change it. It will also show for which sites you are using the same password.


« About privacy      Terms of use »