|
Password leaks are and aren?t that big of a deal. Paysite owners have PW?s posted almost daily. We rely on our protection systems (pennywize, proxypass, strongbox, etc) to protect us. The fact is, even the best software in the world can?t 100% protect you from leaks, brute force attacks, hacks, exploits, etc.. It happens at the billing level, site level, program, and any other little side hole they can. PW webmasters share the information on how to beat pennywize/proxypass, they share backdoor info, they trade lists.
For the most part, PW sites are no worry to the standard program owner. They just don?t care. The people that need to worry about the leaks, don?t have a clue that it?s going on. Normally smaller site owners. Free site owners have to make sure they cover all the backdoors to content too. It?s a huge world that relies on the mistakes that webmasters of all sizes make.
Myself, I monitor my logins. If a member has a user/pass problem I e-mail them before they e-mail me. If I see a pw leak I change the pw and e-mail the member. This is the ONLY way to truly protect your sites.
|