Remote unauthorized access
-
Hi
Sorry to be a bother but I think someone has hacked my PW. I have changed it, but this person or persons may still be logged into my account. Where is the button to log of remote users? There is supposed to be one but I can’t find it. Thank you.
The blog I need help with is: (visible only to logged in users)
-
re: hacked accounts and blogs
If anyone is posting anything to your blog or removing anything from it, or changing anything in it, or if your blog has been deleted and you did not delete it, then it’s most likely that you have provided them with the ability to do so, either deliberately by adding them as official users, or by allowing them access to your login information, or by posting content that makes it easy for them to guess what your log-in information is.
For you the question that needs to be answered is: Who, aside from me, has access to my login information?
If you registered this blog
Go to your email program immediately and change the password to a very difficult one because that’s how many hackers gain access to blogs.
Read > http://en.support.wordpress.com/security/
1. If you can log-in go here > Users > All Users and delete any user that does not belong there.
2. Disable post by email > http://en.support.wordpress.com/post-by-email/
3. Disable post by voice > http://en.support.wordpress.com/post-by-voice/
4. Change your blog password to a very difficult one > http://en.support.wordpress.com/passwords/#change-your-password
You can also reset your password via your Settings tab on the WordPress.com home page:
http://wordpress.com/#!/settings/5. Use a secure, encrypted connection to connect to your Dashboard. Under Users → Personal Settings, check the box that says “Always use HTTPS when visiting administration pages, and click Save Changes.
6. Use two step authentication http://en.support.wordpress.com/security/two-step-authentication/
7. Run a security scan on your computer.
8. Never leave your computer logged into your blogs and walk away from it. Always log out properly.
P.S. Staff have records of who did what under which username and login information and when they did it. I flagged this thread with modlook for a Staff follow-up. Please subscribe to it so you are notified when they respond. To subscribe look in the sidebar of this thread, find the subscribe to topics link and click it. Note that there is a backlog and be patient while waiting.
-
Hi,
I changed the pw’ds and the voice and email postings are not enabled. I also ran a scan. I’m the only user. I had just changed my email pw earlier and had to call in to fetch it because I had forgotten it. Maybe someone snooped my phone or looked in the window. I changed it again. Thank you for all your help!
-
You’re welcome. To run a free security scan on your computer go to https://sitecheck.sucuri.net/?clickid=Q6E13WUOKV%3AZU%3AqStkTE7TInUkXWNN0jSVphUM0
-
I ran a scan w my security and it found nothing. Nothing does not always mean nothing though.
-
True but that was a good thing to do. When Staff get to this thread they may have more to add.
-
You have taken the correct actions.
I would encourage you to set up Two Factor Authentication as well:
- The topic ‘Remote unauthorized access’ is closed to new replies.
WordPress.com Forums 