Easygoing Eyebeast keira Posted September 18, 2011 Share Posted September 18, 2011 Attention anyone who has wandered across my website (http://calref.co.cc) in the last 48 hours: A little prick passwordguesser got into the domain registrar and changed all of my A records to some site in Russia. Unfortunately, I have been having severe connectivity issues lately and just assumed it was something with my lovely ISP. It wasn't. Thankfully, the bot or w/e didn't change my password so I have been able to reverse the damage. I've replaced the ages-old password with one with significantly more entropy and whatnot. This won't happen again. However, to anyone who has visited my site or any subdomains (read: rpwiki.calref), I strongly recommend you run a quick virus check just in case, especially if you ended up redirected to a .ru website at any point. My deepest apologies, I feel horrible for this happening (for those interested, the IP was 91.204.72.72 when it should've been 65.254.248.133, i strongly recommend blacklisting if you know how) Quote Link to comment Share on other sites More sharing options...
Well-Actually War Trall A less presumptuous name. Posted September 19, 2011 Share Posted September 19, 2011 Just a note about entropy in passwords. Length is better than random characters when computers are doing the hacking. Quote Link to comment Share on other sites More sharing options...
Easygoing Eyebeast keira Posted September 19, 2011 Author Share Posted September 19, 2011 I actually generated new passwords for all my important stuff when I first saw that comic...sadly I never implemented any of them until now. Quote Link to comment Share on other sites More sharing options...
Easygoing Eyebeast Dantius Posted September 19, 2011 Share Posted September 19, 2011 Originally Posted By: Master1 Just a note about entropy in passwords. Length is better than random characters when computers are doing the hacking. Yeah, a password like mmmmmmmmmmkmmmmmmmmmm6 (10m k 10 m 6) is for all intents impossible to brute-force and it reay quite easy to memorize. No, that's not my SW password, and my password isn't even of that form, so you can stop trying before you even start. Quote Link to comment Share on other sites More sharing options...
Kyshakk Koan Mistb0rn Posted September 19, 2011 Share Posted September 19, 2011 What really aggravates me is the websites that put a limit on the number of characters; (6-8, usually.) It feels so insecure. My passwords are generally long, and having to use only 8 characters is irritating. Quote Link to comment Share on other sites More sharing options...
Magnificent Ornk Aran Posted September 19, 2011 Share Posted September 19, 2011 Originally Posted By: Sylae I actually generated new passwords for all my important stuff when I first saw that comic...sadly I never implemented any of them until now. It reminds me of my insistence on pgp-signing all my messages...it's all there ready to go, but people I email ∩ people who know/care about message security is nonexistent I've been signing all emails for years, but have only met about three people who cared enough to exchange key signatures with me. Quote Link to comment Share on other sites More sharing options...
Easygoing Eyebeast The Mystic Posted October 13, 2011 Share Posted October 13, 2011 Originally Posted By: Dantius Originally Posted By: Master1 Just a note about entropy in passwords. Length is better than random characters when computers are doing the hacking. Yeah, a password like mmmmmmmmmmkmmmmmmmmmm6 (10m k 10 m 6) is for all intents impossible to brute-force and it reay quite easy to memorize. And yet I've had Hotmail tell me that such a password is very weak, and then tell me that a 6-character password full of garbage was very strong. Originally Posted By: Mistb0rn What really aggravates me is the websites that put a limit on the number of characters; (6-8, usually.) It feels so insecure. My passwords are generally long, and having to use only 8 characters is irritating. Yeah, it sucks. I prefer passwords that are 10-12 characters, minimum; I've actually had one or two shorter passwords hacked. However, I will say this about sites that force you to have shorter passwords: Some of them will also force you to change your password on a regular (usually monthly) basis; and some of those won't let you use the same password more than once. Quote Link to comment Share on other sites More sharing options...
Easygoing Eyebeast Dantius Posted October 13, 2011 Share Posted October 13, 2011 Originally Posted By: The Mystic And yet I've had Hotmail tell me that such a password is very weak, and then tell me that a 6-character password full of garbage was very strong. In addition to being a terrible email service, Hotmail also apparently lies. The algorithm to generate "password strength" probably counts characters and repetitions, but that's not how algorithms to break passwords work. For a better analysis of password "strength", try this. Quote Link to comment Share on other sites More sharing options...
Magnificent Ornk Dikiyoba Posted October 13, 2011 Share Posted October 13, 2011 Originally Posted By: The Mystic However, I will say this about sites that force you to have shorter passwords: Some of them will also force you to change your password on a regular (usually monthly) basis; and some of those won't let you use the same password more than once. Any system that forces you to change your password on a regular basis sucks. Dikiyoba. Quote Link to comment Share on other sites More sharing options...
Easygoing Eyebeast keira Posted October 13, 2011 Author Share Posted October 13, 2011 Originally Posted By: The Mystic some of those won't let you use the same password more than once. In these cases, I usually change my password to "Abc$123" or something like that, then change it right back. That'll usually trick it the right way, and if a website keeps track of your past passwords then it's not a website anyone should ever use. Quote Link to comment Share on other sites More sharing options...
Easygoing Eyebeast The Mystic Posted October 13, 2011 Share Posted October 13, 2011 Originally Posted By: Dainty Us if a website keeps track of your past passwords then it's not a website anyone should ever use. That actually did happen, and I had to use it for my job at the time. Then again, it was a corporate website with a lot of sensitive information, so it needed to be a bit paranoid. The site kept a list of every password you've ever used on the site (even temporary ones given out if you forgot your password), and checked all your new passwords against the list; if the new password matched, it was rejected. Quote Link to comment Share on other sites More sharing options...
Hatchling Cockatrice Lilith Posted October 13, 2011 Share Posted October 13, 2011 Originally Posted By: The Mystic That actually did happen, and I had to use it for my job at the time. Then again, it was a corporate website with a lot of sensitive information, so it needed to be a bit paranoid. The site kept a list of every password you've ever used on the site (even temporary ones given out if you forgot your password), and checked all your new passwords against the list; if the new password matched, it was rejected. please tell me it didn't store that list of all your passwords in a cleartext file somewhere because that would be a hilarious security hole Quote Link to comment Share on other sites More sharing options...
Magnificent Ornk Aran Posted October 13, 2011 Share Posted October 13, 2011 It would theoretically possible to implement this using hashes. However, preventing users from repeating passwords ever shows such a ridiculous misundrstanding of security practices that I wouldn't bet on it. Quote Link to comment Share on other sites More sharing options...
Well-Actually War Trall Rowen Posted October 13, 2011 Share Posted October 13, 2011 My school does not allow the reuse of passwords. And they suggest ones like ASDF760SAD&*^*-O*D&SFgo to be your password and then tell you to memories it, never writing it down. Sometimes I feel that security and stupidity are mistaken for the same thing here. Quote Link to comment Share on other sites More sharing options...
Hatchling Cockatrice Alorael at Large Posted October 13, 2011 Share Posted October 13, 2011 I've had passwords tracked for at least two years. While on vacation I missed my password change deadline and discovered a friendly automated process for setting a new password that just required the answer to a security question. There are two problems with this. One, that makes the password only as secure as the question, and most of the questions were likely to have dictionary lookup answers. Two, the reset didn't check against the password list, so I used that to keep the same password. —Alorael, whose passwords tend to be long and meaningless. Some he remembers. Many for websites used rarely are just stored by his computer, and in a pinch he can always use the "Forgot your password?" link to replace all passwords with the one password for his email. Quote Link to comment Share on other sites More sharing options...
Easygoing Eyebeast Dintiradan Posted October 13, 2011 Share Posted October 13, 2011 What sets warning bells off for me are services that require you to change your password on a regular basis and stipulate that your new password cannot share a substring with any previous passwords. I've don't think I've seen this restriction actually enforced though, which is a good thing; while you can use hashes to see if two strings match exactly, I don't think you can to see if two strings share a substring. Quote Link to comment Share on other sites More sharing options...
Hatchling Cockatrice Alorael at Large Posted October 13, 2011 Share Posted October 13, 2011 Actually, there's a really easy way to test that. Go with the most basic substring: a single character. Read off each character from the old password and check to see that the new one doesn't contain it. —Alorael, who can see an immediate downside. You can easily run out of characters and have no legal passwords left. Maybe by "substring" they meant "substantial portion" or even "don't just increment or decrement a number at the end of your password, please." Quote Link to comment Share on other sites More sharing options...
Kyshakk Koan Mod. Posted October 14, 2011 Share Posted October 14, 2011 Originally Posted By: Dantius Originally Posted By: The Mystic And yet I've had Hotmail tell me that such a password is very weak, and then tell me that a 6-character password full of garbage was very strong. In addition to being a terrible email service, Hotmail also apparently lies. The algorithm to generate "password strength" probably counts characters and repetitions, but that's not how algorithms to break passwords work. For a better analysis of password "strength", try this. Weird how adding a j at the end can make a password go from 1 hour to 21 thousand years. Quote Link to comment Share on other sites More sharing options...
Hatchling Cockatrice Alorael at Large Posted October 14, 2011 Share Posted October 14, 2011 If you have a very simple pattern, it's easily predicted, apparently. A single character that breaks the pattern increases the security immensely. —Alorael, who has realized that it would be most efficient to remember sentences and use them. "This is an excellent password!" is, in fact, an excellent password. Quote Link to comment Share on other sites More sharing options...
Hatchling Cockatrice Lilith Posted October 14, 2011 Share Posted October 14, 2011 Originally Posted By: Mod. Weird how adding a j at the end can make a password go from 1 hour to 21 thousand years. it's not that surprising when you think about it. the difficulty of randomly guessing a password increases exponentially with its length, cet. par. Quote Link to comment Share on other sites More sharing options...
Well-Actually War Trall Rowen Posted October 14, 2011 Share Posted October 14, 2011 Some of mine range from 8 seconds to 1 octillion years. The hell is an octillion? *Goes off to goggle* Quote Link to comment Share on other sites More sharing options...
Hatchling Cockatrice Alorael at Large Posted October 14, 2011 Share Posted October 14, 2011 Originally Posted By: Lilith Originally Posted By: Mod. Weird how adding a j at the end can make a password go from 1 hour to 21 thousand years. it's not that surprising when you think about it. the difficulty of randomly guessing a password increases exponentially with its length, cet. par. The problem is the magnitude of the change. It requires the password to be quite weak without the j and very strong with it. Something like a number repeated 11 times followed by a letter produces that pattern. Oh, and I think my favorite part of the analysis is the fact that it writes out, in letters, numbers into the vigintillions. That puts it 30 orders of magnitude larger than the next largest number I've actually seen written out anywhere but in a list of large numbers' names. —Alorael, who has determined that his passwords are actually relatively easy to brute force. He just doesn't see anyone dedicating months of processing time to that task. Quote Link to comment Share on other sites More sharing options...
Hatchling Cockatrice Randomizer Posted October 14, 2011 Share Posted October 14, 2011 Certain passwords are considered weak if they can be cracked using a table of known words that can be found in a dictionary, first names, or calendar dates. Adding a letter or number that makes the password not be a known word makes it much harder. Quote Link to comment Share on other sites More sharing options...
Easygoing Eyebeast Dintiradan Posted October 14, 2011 Share Posted October 14, 2011 Originally Posted By: Dintiradan What sets warning bells off for me are services that require you to change your password on a regular basis and stipulate that your new password cannot share a substring with any previous passwords. I've don't think I've seen this restriction actually enforced though, which is a good thing; while you can use hashes to see if two strings match exactly, I don't think you can to see if two strings share a substring. Originally Posted By: Alorael Actually, there's a really easy way to test that. Go with the most basic substring: a single character. Read off each character from the old password and check to see that the new one doesn't contain it. If you're storing passwords as hashes (basically the same concept as a checksum), you shouldn't be able to recover the individual characters. If the authentication software is able to remember each character in the password, that means that it's storing it somewhere as cleartext. Again, I haven't seen anything that actually enforced the substring rule. They were just phrasing recommendations as requirements instead. Basically just "don't just enter your old password and stick a different number at the end", which everyone does anyway when forced to change on a regular basis. Quote Link to comment Share on other sites More sharing options...
Hatchling Cockatrice Alorael at Large Posted October 14, 2011 Share Posted October 14, 2011 You wouldn't need to store the password, just a list of characters used. Admittedly, that's also a huge security problem. Best case scenario for ten unique characters used in a ten character password is 3.6 million possible passwords. But with only 8 characters, the standard minimum, that's a mere 40,320 permutations. Start duplicating characters and it only gets worse. —Alorael, who could see another odd, difficult, and interesting implementation: perform some simple encryption that replaces characters with different characters, them store the result as an image. Compare the new and old password images and reject the new one if visual similarity is too high. That couldn't find substrings very well, but it could compare total number of matching characters without involving any text, strictly speaking, and even access to the images won't give cleartext. A Unicode-friendly ROT# would work, but the images would still be easy to decrypt. There's probably not any good way to conceal the passwords except possibly converting the images into something not resembling passwords at all, achieving security through obscurity, which usually feeble security. Quote Link to comment Share on other sites More sharing options...
Easygoing Eyebeast The Mystic Posted October 14, 2011 Share Posted October 14, 2011 Originally Posted By: Dantius Originally Posted By: The Mystic And yet I've had Hotmail tell me that such a password is very weak, and then tell me that a 6-character password full of garbage was very strong. In addition to being a terrible email service, Hotmail also apparently lies. The algorithm to generate "password strength" probably counts characters and repetitions, but that's not how algorithms to break passwords work. For a better analysis of password "strength", try this. Hotmail isn't all that bad; I've used worse. Anyway, cool link. I just discovered that one of my old passwords could be hacked in 8 seconds (and it was, indeed, hacked), and that its replacement could be hacked in a day. And oddly, one of my oldest passwords, which Hotmail claimed was extremely weak, would take 8000 years to hack. My best password by far was one I made recently; it would take 809,000 years. Then I typed in "meanwhilebackatthetimeloopexperiment"; it checked out at 110 decillion years. Originally Posted By: Lilith Originally Posted By: The Mystic That actually did happen, and I had to use it for my job at the time. Then again, it was a corporate website with a lot of sensitive information, so it needed to be a bit paranoid. The site kept a list of every password you've ever used on the site (even temporary ones given out if you forgot your password), and checked all your new passwords against the list; if the new password matched, it was rejected. please tell me it didn't store that list of all your passwords in a cleartext file somewhere because that would be a hilarious security hole I certainly hope not; I didn't work in their IT department, so I wouldn't have known anyway. And even if they did, I wouldn't care at this point, seeing as there was no love lost with the company when I left (I liked the people, but the pay (commission only) sucked; I actually lost money by working there). Originally Posted By: Rowen My school does not allow the reuse of passwords. And they suggest ones like ASDF760SAD&*^*-O*D&SFgo to be your password and then tell you to memories it, never writing it down. Sometimes I feel that security and stupidity are mistaken for the same thing here. That sounds like a fairly accurate assessment. It also sounds like whoever wrote the password generator was rather lazy. Quote Link to comment Share on other sites More sharing options...
Well-Actually War Trall The Ratt Posted October 14, 2011 Share Posted October 14, 2011 I wonder if that link you gave is secure/remembers what people enter. If it does, it could be gathering passwords for one massive attack! Quote Link to comment Share on other sites More sharing options...
Easygoing Eyebeast keira Posted October 14, 2011 Author Share Posted October 14, 2011 Originally Posted By: The (Armored) Ratt I wonder if that link you gave is secure/remembers what people enter. If it does, it could be gathering passwords for one massive attack! Nothing is uploaded anywhere, all calculations are done client-side. At least that's what Firebug and casually looking through the code says, I wouldn't test your bank passwords (just swap one part for something similar and the entropy should remain about the same). Quote Link to comment Share on other sites More sharing options...
Well-Actually War Trall Rowen Posted October 14, 2011 Share Posted October 14, 2011 Originally Posted By: The (Armored) Ratt I wonder if that link you gave is secure/remembers what people enter. If it does, it could be gathering passwords for one massive attack! My Spanish passwords have been compromised. Maldito sea! Quote Link to comment Share on other sites More sharing options...
Well-Actually War Trall Niemand Posted October 14, 2011 Share Posted October 14, 2011 Besides, unless they also had some idea who you were or your account names they would have no idea which of their vast database of passwords to use where. This would leave them the problem of needing to brute-force the username, as well as which password to pair with it, not knowing for certain whether the system being tested is even one for which they have any valid passwords. Quote Link to comment Share on other sites More sharing options...
Ineffable Wingbolt Tirien Posted October 21, 2011 Share Posted October 21, 2011 Huh, hate to be a thread necromancer, but... Dantius, I could kiss you. My new password will hold for 10 million years, while my old would have only held for 5 hours. Quote Link to comment Share on other sites More sharing options...
Well-Actually War Trall A less presumptuous name. Posted October 21, 2011 Share Posted October 21, 2011 Now that I finally gave it a try, my current password is a little under 200 days. Changing the case of a single letter turns the unit from days to years. Quote Link to comment Share on other sites More sharing options...
Well-Actually War Trall Micawber Posted October 23, 2011 Share Posted October 23, 2011 44 novemvigintillion years. Guess no one will be hacking into my wifi. Quote Link to comment Share on other sites More sharing options...
Well-Actually War Trall Balladeer Posted October 24, 2011 Share Posted October 24, 2011 My bank only allows passwords of up to 8 characters... I tried entering the same number of letters, numbers, and symbols it has (some of each) and its only secure for 1 year. That sucks. Quote Link to comment Share on other sites More sharing options...
Well-Actually War Trall Micawber Posted October 24, 2011 Share Posted October 24, 2011 Well I wouldn't worry too much. A bank should have strict security rules, they would lock your account after half a dozen incorrect attempts, i.e., long before any brute force attack could succeed. Quote Link to comment Share on other sites More sharing options...
Hatchling Cockatrice Alorael at Large Posted October 24, 2011 Share Posted October 24, 2011 Fun fact: my bank has just such a security system, and someone kept locking me out of my account. I would have suspected an attempt at brute forcing, but three tries every few weeks makes that a rather low payoff attempt. I think someone else's login was similar to mine and they were making some mistakes. —Alorael, who changed his account name and stopped having problems. And by "changed his account name" he means "argued with the bank until they admitted that having to close and immediately open an account, getting all new cards and handling an enormous wad of cash, is an idiotic plan in which everyone loses." Quote Link to comment Share on other sites More sharing options...
Magnificent Ornk Aran Posted October 24, 2011 Share Posted October 24, 2011 Originally Posted By: I made a vow with zombies in it. —Alorael, who changed his account name and stopped having problems. And by "changed his account name" he means "argued with the bank until they admitted that having to close and immediately open an account, getting all new cards and handling an enormous wad of cash, is an idiotic plan in which everyone loses." Mh; my login is my account number (and therefore likely the primary key in their database) which means it probably would be easier to open a new account than to get it changed. Quote Link to comment Share on other sites More sharing options...
Understated Ur-Drakon Tyranicus Posted October 24, 2011 Share Posted October 24, 2011 My bank's website actually lets me change my username. Quote Link to comment Share on other sites More sharing options...
Easygoing Eyebeast Dantius Posted October 24, 2011 Share Posted October 24, 2011 My bank wants me to come up with a 15 digit alphanumeric username that has no relationship with my actual name or account number and then a 20 digit alphanumeric passcode including at least one capital and a symbol. My credit union, however, has the hyper-advanced security of "entering in my credit card number and identifying which one of these four pictures I selected when I signed up". Oh, and it needs my 4-digit PIN too. So I'm kind of concerned about that. Quote Link to comment Share on other sites More sharing options...
Easygoing Eyebeast Dintiradan Posted October 24, 2011 Share Posted October 24, 2011 My credit union requires me to enter my debit card number and a five digit code, so yeah, same boat. The site also asks me a random security question every time I log in from a new computer. It also displays an image and caption once I log in, but that's an anti-phishing feature, not an authentication feature. Phishing sites won't know which image I picked and which caption I wrote. Of course, it's too late if you notice you're on the wrong site after you've entered your credentials... EDIT: Huh, now that I think about it, a phishing site could send your credentials to the actual site and mirror all content dynamically, including your image and caption... Quote Link to comment Share on other sites More sharing options...
Unflappable Drayk ĐªгŦĦ Єяŋϊε Posted October 25, 2011 Share Posted October 25, 2011 now, your getting me paranoid Quote Link to comment Share on other sites More sharing options...
Hatchling Cockatrice Alorael at Large Posted October 25, 2011 Share Posted October 25, 2011 I'm trying to think of a workaround for the security image exploit, and I'm drawing a blank. Any brighter minds have a solution? —Alorael, whose best ideas all revolve around replacing the simple image with something bandwidth-intensive and impossible to link to without downloading and re-uploading, like security movies. That still isn't perfectly secure, and it relies on customers' willingness to put up with loading large files for security. Better solution: check the URL! Quote Link to comment Share on other sites More sharing options...
Easygoing Eyebeast Dantius Posted October 25, 2011 Share Posted October 25, 2011 Originally Posted By: Present Ongoing Breakup I'm trying to think of a workaround for the security image exploit, and I'm drawing a blank. Any brighter minds have a solution? Yes, go to your bank in person to make all transactions, pay your bills by check instead of wire/telephone transfer, and don't register for online banking. What? You didn't say it had to be practical! Quote Link to comment Share on other sites More sharing options...
Magnificent Ornk Aran Posted October 25, 2011 Share Posted October 25, 2011 Originally Posted By: Present Ongoing Breakup I'm trying to think of a workaround for the security image exploit, and I'm drawing a blank. Well, instead of an entering credentials to see an image, you and the bank site could verify a shared secret without transmitting the secret. This would allow you and the server to verify each other's identity without leaking credentials. Quote Link to comment Share on other sites More sharing options...
Well-Actually War Trall Harehunter Posted October 25, 2011 Share Posted October 25, 2011 Now you guys are making me feel like an old fuddy-duddy. My wife and I have resisted the urge to do on-line banking. I suppose being a DBA makes me more paranoid than most. I work too closely with computers to trust them. I have only one debit card, which I never use for online transactions. I have several other cards that I could use to get cash, but I always say no to the offer of enabling that feature. The only computerized transaction I do have is direct deposit. Any other services I need, I get in the car, drive the two miles to the bank, and take care of it. I once tried to get my wife to try Quicken. That lasted all of about 15 seconds. She likes her accounting system; the Big Chief method. It doesn't involve learning any computer program; it's simple to use; if it crashes she just picks up the pad off the floor; to reboot, she just click more lead out of the pencil; it's portable; it works without electricity; and it works. Bills get paid by check, and I drop them off directly at the post office. I have done a lot of online shoppinng, but it still gives me a mild anxiety when dealing with a new vendor. Paranoia is a healthy attribute for a DBA, but it hampers adaptation to new technologies. Quote Link to comment Share on other sites More sharing options...
Well-Actually War Trall Balladeer Posted October 26, 2011 Share Posted October 26, 2011 'Unlimited' Bandwidth doesn't actually mean 'Unlimited' I guess. After a couple years of having a well used chat, FatCow has decided we're using too much of our 'Unlimited' bandwidth with it and demanded that it be deleted or no website. ... Of course, they have the right to decide how much of 'Unlimited' is too much, since they gave it to themselves in their Terms of Service... Who knew half a dozen people could talk so much? Quote Link to comment Share on other sites More sharing options...
Easygoing Eyebeast keira Posted October 26, 2011 Author Share Posted October 26, 2011 Originally Posted By: Jewels in Black Who knew half a dozen people could talk so much? I wish there were that many...three on average if we ignore the times when nobody is on, we might get six or seven once every two weeks... But this is just stupid. Chat was set to 5 seconds between requests...that 720 requests per person per hour (not mentioning that fact that every other request times out due to server "wonderfulness"). So, that's 2,160 for three people per hour. At an average of 512 B per request (most are lower because they aren't carrying any new messages, on the off chance someone talks this will go up, as it has to carry the message with it), that works out to 1,080 KiB per hour for three chatters. So yes, by my math, Jewels's webhost is getting butthurt by one megabyte per hour. Quote Link to comment Share on other sites More sharing options...
Understated Ur-Drakon Nioca Posted October 26, 2011 Share Posted October 26, 2011 Ouch. So what's the plan? Are you guys going to remove the chat to comply, or is CalRef moving yet again? Quote Link to comment Share on other sites More sharing options...
Easygoing Eyebeast keira Posted October 26, 2011 Author Share Posted October 26, 2011 Originally Posted By: Nioca Ouch. So what's the plan? Are you guys going to remove the chat to comply, or is CalRef moving yet again? For now, turning the chat off. May change it so the chat requests every ten seconds instead (this was the rate back when CalRef was on ProfuseHost). If that doesn't work, I'll start whoring myself out to pay for a VM with rackspace or something Quote Link to comment Share on other sites More sharing options...
Well-Actually War Trall Balladeer Posted October 26, 2011 Share Posted October 26, 2011 Well, my plan is to ultimately get them to give me a year of hosting free for even daring to suggest that my tiny little website is too much for their servers to handle. Implementation is still a work in progress but the secret weapon is available and will be brought out if needed. Edit: And really their complaint was the # of requests rather than the bandwidth. Shouldn't be too hard to fix, but still... We can't even be close to what a 'real' website is using. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.