In the early days of setting up this website, I did a lot of research on the proper security configurations that every website needs for protection. I settled on one of the most popular plugins, which included several notification options. Out of curiosity, I set the plugin to notify me via email if an attempt was made to breach the website.
I wasn’t prepared for what followed: daily, and sometimes hourly email notifications of failed login attempts, brute force attacks, and other digital violence against the site. A single brute force attack involves trying and guessing different password combinations over and over again, hoping to get lucky and breach the login page. As you can see below, it may involve as many as 10,000 separate attempts in a matter of minutes, something only possible with a program or some other kind of automation.
A few alerts of brute force attacks and failed login attempts.
At first, I was confused. Why would anyone want to breach my website? There was no content, only the default “Hello World!” placeholder. Nevertheless, I did my research and found the plugins and settings I needed to stop the flow of breach attempts.
Even if you only have an empty placeholder website, a Facebook account, or an email address, there is someone out there trying to compromise it. Maybe they can glean an address, birthday, or other private information. Maybe they can take over the account, lock you out, and ransom it back. How much would you pay for a decade’s worth of your photos that you’ve carefully curated and organized? Probably a couple hundred dollars, at least.
The point is, there is no level of a digital life so trivial that someone, somewhere, won’t try and compromise it. There are bots out there trawling the internet, looking for that one user with a weak password or common PIN. If you’re active on the internet, there is a basic level of precaution and care that you need to take in order to protect yourself.