Security and Logins

 

Due to the proliferation of malware and hacking attempts on servers worldwide, we felt it was necessary to force our clients to strengthen their passwords, especially for users who have access to SiteApex. Changing everyone's password would cause a nightmare for our support techs so instead, as a first step, we are forcing all users to enter their password exactly the way they originally created them.  

The first comment we often hear is 'Why would anyone want to hack into our website?' 

We are finding that some countries seem to be more interested in our Christian school and church websites. Last year we did a thorough study and found that these websites were receiving over 100 'human' hack attempts per day from just 1 Asian country. Hackers are also looking for credit card information and they don't know if you have any until they get in and poke around. With some schools using fund raising programs such as TRIP, this becomes a beacon for hackers to search for credit cards. We do NOT discourage you from using these programs, we just ask that you keep your logins strong and well protected, leaving the rest up to us.  
 
We also have a system in place that scans all login attempts looking for anomalies. Even one login with an anomaly will be shutdown immediately and we are alerted. This has already saved one of our clients who has a shopping cart on their website and their password had been stolen. We caught the hacker from Asia the moment they logged in and immediately shut them down. 

This is 24 hour / 365 day security protection we give every client to protect their online information.

 

Fix:

There are easy ways to tighten security

• Strengthen your passwords by using Captials, Numbers, and Special Characters such as ~!@#$%^&*()
• Try to abstain from sending passwords through email
• Keep your anti-virus and especially anti-malware programs up to date

To tighten passwords in SiteApex, especially for those who have SiteApex access, use the following path to make changes. 

SiteApex > Control Panel > Security > List Users > (find the user) Edit

Screenshot 1 - Path to change password

Under their password it will tell you if it is Very Weak, Weak, Medium, Strong or Very Strong. Different combinations strengthen a password. As you type in or add to the existing password, you will see it progress in strength.

An example that progresses from being Very Weak to a Very Strong password is as follows: Each change shown that strengthens the password is coloured bright pink.

It is wise to make sure you have the most recent Anti-virus software installed, updated, and working. However, most people do not realize that this software is often inadequate to deal with malware even if they claim to be. Given our experience with many major anti-virus programs, we suggest also running a separate Anti-Malware program. One of the best is Malwarebytes and comes in both a Free and Paid version. You can download and install it for free but we recommend purchasing it for around $30 to have it actively scanning all the time, rather then requiring you to remember to scan once in awhile. 
 
For example:
We were using Skype once in awhile which was installed on our computers. Even when we were not using it at the time, Malwarebytes was alerting us to hack attempts it was thwarting from Asian and Middle East countries trying to gain entry through Skype. The Free version of Malwarebytes would not catch these hacks while they were happening but would let you know later if they deposited Malware on your computer and you asked it to do a scan. This is why we recommend purchasing it.

View Malwarebytes Website