Wordpress Vulnerability

Published 29 November 7 3:22 PM | William

When I saw Bruce's post on using Google to crack MD5 hashes for you, I had to chuckle. Here's a link to the article Bruce is referencing. Once again, it shows a pretty good case of the damage that can happen by overlooking the seemingly obvious. (Would you want to be the developer that told your boss "Don't worry about it there, Chief, our security is pimped out. We got those passwords hashed and locked down" only to read some guy's blog showing you blew it?) Whenever someone thinks their security is breached, you often hear complex, impressive-sounding explanations of the exploit, but in reality, what usually happens is either they were wrong about being hacked in the first place, or they or someone else actually gave away information and didn't realize it. I remember reading 2600 back in the day, then reading Kevin Mitnick's book, and Mitnick's whole game was social engineering and using people (the weakest link in the chain) to handle business. I would guess that creating a strong password and changing it regularly would protect you from a lot of things. Keeping the password to yourself and learning enough about your software that you can manage basic functions yourself probably doesn't hurt either.

On a less serious note, there's a blogger who loves trashing Community Server and digs Wordpress. Now I know the mere mention of the name Anthony or Wordpress is enough to fan the flames of any love-struck fool's man-crush, so my apologies if I got anyone excited. The mere mention of Anthony is enough to make the poor guy start babbling about Ryan O pulling off exploits that would make the KGB jealous. RO's hacking skills are about as real as A & Mel's wedding date (although CC doesn't get complains about how RO won't ever get himself some hacking skills so maybe my analogy isn't so good).
