Retired Themes-Round 2 (sorta)

And the theme retirement trend continues on WordPress.com with new additions to the previous list of retirees:

  • Bueno
  • Dark Wood
  • Enterprise
  • Inuit Types
  • Monochrome
  • Motion
  • Neutra
  • Notepad
  • Notes IL
  • Paperpunch
  • Steira
  • Structure
  • Titan
  • Under The Influence
  • Vostok

Again, existing sites can continue to use their theme even though it is retired and sites set up prior to a theme being retired can switch to that retired theme. What you cannot do is create a new site using a retired theme.

Continue reading “Retired Themes-Round 2 (sorta)”

Use the Support Search, Luke!

With the upcoming Automattic Annual Get-together (Automattic being WordPress.com’s parent company), many of the support options usually available to even those WordPress.com users with paid upgrades will be temporarily closed or minimized and support requests will be channeled to the Community Support forums for assistance. Yikes!

Those of us who regularly volunteer in the Community Support Forums are well acquainted with user frustrations when it comes to getting a timely answer to an urgent question. What doesn’t always seem obvious is that answers to many of the questions asked in the forums can be found in one of the best resources around – The WordPress.com Support Site.

Continue reading “Use the Support Search, Luke!”

Doing Business on WordPress.com

More companies are making their way to WordPress.com to build their web presence either as a blog or as a full website (as long as e-commerce is not the primary function of the site). And what’s not to like? On signing up and agreeing to the Terms of Service, a company gets a free or low-cost website with all updates and security handled by Automattic, excellent SEO built right into the platform, an excellent up-time record and, if a company chooses to buy the Domain Name Upgrade, there’s also easy branding or integration with the company’s existing website.  If you are comfortable with not having total control over your website, mostly in the areas of plug-ins and use of special code, WordPress.com is an excellent choice for business.
Continue reading “Doing Business on WordPress.com”

Hacked!? Not So Much: Your WordPress.com Account and Security

This past weekend a number of WordPress.com users discovered that a spam post promoting a “make money from home” scheme had been published on their websites without their prior knowledge or consent.  Many of those sites had not posted for some time while others had recently posted. What was common to them all, apparently, was the use of the same password for both their WordPress.com site as well as on other sites they logged into and which had been cracked.

Pete Davies, who works for WordPress.com, posted this response in the Community forums:

Thanks for letting us know about this. We also noticed something suspicious. We have reset the passwords of all affected users and have sent them an email to let them know. If there was any spam posted and not removed before we got there, we also went ahead and cleaned that up.

It is very likely that you were using the same password on WordPress.com that you used elsewhere. Recently, a few large services — LinkedIn, Yahoo, eHarmony, and Last.fm to name a few — have suffered well-publicized security breaches that have exposed email addresses and passwords. Although the passwords are usually stored securely, simple passwords can be decrypted or “cracked” in a matter of hours using modern technology.

Hackers gather the lists of email addresses and passwords from these services and then try to use them to access accounts on other popular services, like WordPress.com. If you used the same password multiple places, then your account can be compromised. That is what happened here. We do have measures in place to protect password guessing or “brute force” attacks but in this case, since the password is known beforehand, there is no need for a hacker to guess.

You should have a strong, unique password for every account you have on the internet. We have some more information on selecting a strong password in our Support section, please read through it:
http://en.support.wordpress.com/selecting-a-strong-password/

If you have any additional questions about the security of your account, please contact us using the form on this page:
http://automattic.com/security/

We take security seriously, and are happy to answer any questions you have.

via Spam post? « WordPress.com Forums.

More information on keeping your WordPress.com account secure can be found in the WordPress.com Support doc on Security.

The importance of having a unique password for every internet site you log into cannot be stressed enough and, if you use a public computer (at work, the library or at university) to connect to the Internet, the importance of logging out of those sites and clearing the browser’s cache and cookies each and every time is equally important.