Every website is subjected to an ongoing stream of undesirable and malicious activity. Most of it is relatively harmless, and is primarily a nuisance for the system administrators. Sometimes though, it gets to be more than just a nuisance. For the past few days, there has been a significant increase in 'botnet / zombie computer activity which scans the forum for usernames and then attempts to login with those usernames and commonly-used passwords. The ultimate intent is mostly likely to post spam advertisements.

A number of you have received emails from the forum system about multiple failed attempts to login to your account here. The forum's built-in security mechanisms are working - those emails mean that the system successfully prevented the unauthorized attempted access and then banned the offending IP address for 15 minutes. All such activity is logged, and I am monitoring things closely. I have also made an enhancement which extends the automatic IP address ban to a much longer period.

If you receive a failed login notification email from the forum, there's really nothing to worry about. There is no need to reply to those emails.

However, if you have used a weak or easily-guessed password here on the forum, please do change it to a better/stronger password.

A good guideline for passwords: 8 or more characters with a mix of uppercase, lowercase, numbers, and special characters. Some examples:

Weak passwords
5875
myreef
Reeftank
Better passwords
C0ralL0ver (zero instead of letter o)
R33fTank
5@ltwat3r

You can change your password after logging in using this link: Forum Password Change. This would be a good time to also make sure the email address in your forum profile is current.