On 14/10/15 08:43, Stephen Powell wrote: > In short, I have not "handed it over". … "wittingly".
You may not have consciously done it, but that doesn't mean it wasn't effectively "handed over". Some possibilities: - Presently undetected malware intercepting the password being entered on your client machine, from a password store, or capturing it in an outbound connection. - Nasties en route between your computer and your host intercepting the password in cleartext traffic. - Malware intercepting the password on the server end of the connection. - Someone had a lucky guess. -- Stuart Longland (aka Redhatter, VK4MSL) I haven't lost my mind... ...it's backed up on a tape somewhere.
signature.asc
Description: OpenPGP digital signature
