Some of you may have noticed that the forum wasn't working well this morning, or early afternoon. I got up late, so I don't know how long it might have gone on before then, but I couldn't connect to the forum. I was getting timeout errors. The forum was under a brute force attack. Attempting to gain access to the administrative account, a brute force attack is an automated attack, in this case using several IPs, all hosted in China, that tries one key combination after another, hoping to hit upon the password that is being used. Since a lot of people use words for their passwords, some brute force attacks simply try every word in the dictionary, while others use a systematic sequence of keyboard characters. Brute force attacks are often able to gain access eventually, although it can take hours, days, months or even years to be successful, depending on the complexity of the password used. According to tech support, they were using multiple computers, probably each using different sequences of characters. They were also attacking both of my forums, which are hosted with the same hosting company, but on different accounts. They may have been targeting me but, more likely, they were targeting a host of forums, or perhaps simply accounts hosted with the same company. They were not successful, nor do I expect that they will be, and for a couple of reasons. For one, I use a password that consists of random characters a mile long, and I change it periodically, especially after experiencing such an attack. For another, my host would shut the forum down before they were apt to be successful. The reason that the forum was slow or unreachable was that, when multiple computers are rapidly accessing the forum, as they were, the results are the same as a DDOS attack, except that the purpose is to access the administrative account, whereas the purpose of a DDOS attack is to crash the site. Everything seems to be back to normal now, and I apologize for being inaccessible. That just comes with running a website. Oh, by the way, brute force attacks are usually directed against the administrator's account but it doesn't hurt to use random characters in a password, and to change it from time to time. That's always a good practice, wherever you are asked for a password, but it was my account they were trying to access, not yours.