Voices is under attack by a distributed botnet. Prior to requiring off campus bloggers to connect to VPN before they can login, the login page was receiving over a 100 login requests per second. So what are the attackers trying to do? Well, they are trying to brute-force (keep guessing until you get it) passwords. They are most likely trying to brute force the password for admin, but we do not have a user with that username. We would suggest that if you haven’t ever changed your password on Voices or haven’t in a while that you change your password and make it something reasonably secure. You can use The Password Meter to check the strength of your password. We are investigating ways to protect Voices that will not require VPN.
“Should I be worried?”
“No.”
This type of attack happens to popular websites all the time. Usually the attack results in the server crashing due to the incredibly high number of requests being made. These attacks make the news when the site that goes down is for a major corporation. We have things under control for now and will hopefully be able to remove the VPN requirement soon.