Increased Security Measures 2011

Due to increasing hacker attempts a few changes have been made. For one thing, someone now has a limited number of login attempts. Failure to login within the attempts allowed will result in an automated block to that account that can only be reversed by those in management roles. The login process has been altered to provide feedback as to how many more attempts can be made prior to an account becoming blocked.

Additionally, the delay time between login attempts has been increased slightly. Not enough, I hope, to cause too much frustrations for our regular users. These combinations of changes should, I hope, put a halt to the number of 'bot driven script attempts to gain access.

My best advice to those who have tried to login, only to fail, is to go to the password recovery process. This should be done, obviously, before the account becomes blocked. Simply provide the form with your username or e-mail address and the system will send a message to you containing a special link. Follow this link back to the site and you will be allowed to change your password as desired within the guidelines established in so far as length, complexity, etc. It will ask you to enter it twice and compare the two to ensure they match before the change is made.

One change that will not be reversed is to allow public access to the general Contact form. Having permissions set in this way was allowing messages from far too many spam senders. The visible portion of those forms, however, have been altered to show an e-mail address someone may use to reach a manager if an account should become blocked by accident. This address is spelled out in long form so human visitors to the site can make sense of it, but so it cannot be picked up by spam trolls. This information is also visible in the footer area of all pages.

My hope is that these changes will suffice to preserve the integrity of the site and intent behind it, while thwarting those attempting to exploit it. Security measures on a site can never remain static, however, so daily activity logs will continue to be reviewed. If additional changes are needed, an update similar to this will be posted.

Until then, remember to NEVER share your account login information for any site with others not directly connected with how it operates. This is the most common way for a hacker to gain illegal access. Such persons are unscrupulous in how they will lie and deceive others. Whenever questions about account information such as usernames and passwords come up, a red flag warning should immediately occur! This is true not only for these sites but others as well. Take care everyone.