The hackers are out in force.

Writerspace.com was one of the victims, all usernames and passwords were released among a 62,000 name list on the web. The Senate was another victim.

Once again it brings me to the importance of keeping stuff to yourself.

If you use the same login / email / password combo on every site, then you only have yourself to blame if you end up in deep sheep.

Don't.

Just, don't.

I woke up this morning to an email from writerspace.com to alert me my username and password for their site are on this list. Luckily I don't use that combo anywhere else.

The really annoying part of this is that I am now having to deactivate that email address – thanks to their inability to keep their member's details safe.

The rub of all this is — I'd signed up a few years ago for some chat event or something. They never activated the account, so I cannot get in and change it, or even access anything or participate.

After many emails (which returned standard "We've received it and will deal with it" replies) I gave up, as I never had a single reply to my attempts to get my account activated so I could use it.

I will never sign up there again, no matter what tempting offers or events there are. But then, I'd already given up on them and wasn't going to create a new account anyway, since they were incapable of activating the first one.

I've also demanded they remove my details from their servers. No doubt it will be ignored as much as my emails to activate the account were.

Personally, I will never go there again, and I'm quite sure a lot of other users won't either.

Sites have a duty to keep your details safe. You can have the most secure password in the world — if the site you sign up at doesn't protect your data, you're screwed.

As writers and readers, we tend to join a lot of sites, which generally demand personal details.

I'm sick of that. I won't provide them.

Ask me for my address and phone number? Sure. I'll give you an address and phone number.

A FAKE one. It's because of things like this list of emails/passwords getting out there.

They don't need to know my home address or phone number. Give me ONE good reason why a forum needs to know where you live.

If you're stuck with coming up with one:
A shopping site – fine. Shipping details are usually stored, but their databases tend to be mega encrypted. I'm not terribly worried about that.

But if you log in with the same username and password at multiple sites — some of which may hold personal and financial data about you — and something like this happens… well. No amount of encryption will stop a user who logs in with the correct details. And then they have full access to everything, because the system thinks it's you.

While you may not be worried about some forum login being compromised, be worried about places like Amazon (for instance) which you likely also have an account with. If your login details are the same, what's to stop a user going to town with your credit card details, if they are stored there?

Facebook is another. Twitter. Myspace. Whatever. Those places where you hook up with people.

Someone I know had her Facebook account "hacked" because of this email/password release. The user posted porn — using her login — and the account got banned for being offensive.

And if you're not worried about your Facebook account…that's your prerogative. I'd like you to worry about the people who friended you, though. They probably gave you access to their details — and someone logging in with your username and password will have full access to their details because of it.

I have taken steps to stop my main email being compromised — because it's going to get spammed big time now — and will deactivate once I've changed the logins at the sites where I've used it. (Though not with the same password.)

And I will no longer register with a generic password anywhere. Because if I can't get in, then I can't change it to something safer. (I generally take my time to come up with something secure that I can remember, hence the generic. It gives me a day to think about the password I want to use.)

So from now on I will use a dedicated domain (yes, domain) to create login emails to use.

All those email addresses on the list they released will have been picked up by spammers by now.

If it contained your main, use for everything, email — prepare for lots of spam.

Which is why I'm deactivating mine. (It's already locked into a spamassassin / boxtrapper loop anyway.)

Barring instances like this, where the whole kaboodle is released onto the web, here are some steps you can take to be safe:

Use a dedicated email address to sign up on sites – one you don't use for anything else.
Don't use the same email address you use for friends and family.
Change your passwords frequently. (And I mean more than once every 5 years!)
Don't use the same password at every site.
Use long passwords (over 8 chars)

Stay safe.