I checked my site stats this morning to see a rather unusual metric — 3,200 page views in the span of a few moments, while unique visitors remained at a normal, more rational number. I then checked to see which content was being viewed, and lo and behold, it was the login screen to the admin of my site!
Then I checked the access log to see that all the attempts were from a single IP located in Turkey (using Firefox on Win XP, at that). I’ve since blacklisted that IP from ever being able to view my site, and made a more unique path to my login page, since I’m the only one who needs it.
The attacker was unable to gain access to my site largely in thanks to 1Password. If you’re the kind of person who uses the same password for everything, you either desperately need 1Password or would not be interested in it at all. Trust me, you should be the former.
I used to rely on only two rather weak passwords for everything. As of a couple years ago, I jumped on 1Password’s bandwagon (thanks to my good friend Samantha) and now have a unique complex password for every site I use. 1Password keeps track of all of them, and is easy to use with its browser plugin. And I always have my passwords handy thanks to the 1Password iOS app.
Your identity (and bank account!) is so important. Don’t trust it to feeble passwords. Get 1Password, because it is awesome.
P.S. Also a major hat tip to my host, Squarespace for their awesome stats, logs, and IP filters. Love you guys.