eknowhow™ Accounting has implemented a number of procedures to prevent this situation occuring, including:
1. Administrator's accounts are disabled after six incorrect login attempts within a 30 minute period. In order for this person to regain access to the website, another administrator must re-enable the administrator's account. This procedure prevents "brute force hacking", that is, people trying to hack into your website by simply guessing password combinations;
2. Administrators are forced to change their passwords every 30 days;
3. Administrator's new passwords cannot be the same as any of their previous six passwords;
4. Administrator logins timeout after 30 minutes of inactivity; &
5. To prevent easy-to-guess passwords, restrictions have been placed on all administrator passwords. All passwords must be between 8 and 12 characters and contains at least one number, one letter and one special character ( eg. @ # $, etc ). In addition, the password cannot be the same as the Administrator's username.
6. These procedures have also been implemented by prominent Australian Financial Institutions and are recognised as providing a very high level of Internet security.
