Doesn't anyone besides me think it is a poor security practice to
store FTP credentials on their PC at all? I realize it is a bit
inconvenient at times to have to remember passwords, but if your FTP
software is storing credentials in an unencrypted file, I think it is
a HUGE security risk to let it store your FTP passwords. This also
goes for your browser storing login passwords for your sites.
--Jennifer
Chris Jean wrote:
I did a lot of reading on this subject to ensure that I knew the full
scope of it. It's quite clear to me that the stolen FTP credentials are
definitely the cause of this specific issue:
* Malicious “Income” IFrames from .CN Domains http://bit.ly/NgWFA
* Hidden CN Iframes Are Still Prevalent http://bit.ly/12uY53
That said, you are quite right that getting a virus on your local
machine isn't the only problem. It is very important for WordPress users
to be aware that their site can be compromised by poor security
practices on or off their server.
--
Jennifer Hodgdon * Poplar ProductivityWare
www.poplarware.com
Drupal, WordPress, and custom Web programming
_______________________________________________
wp-testers mailing list
[email protected]
http://lists.automattic.com/mailman/listinfo/wp-testers
