Some of you may have had the unpleasant experience of being blocked from the site. This happens if you try to log in unsuccessfully 3 times in a 30 min. period. If you have tried twice unsuccessfully, please wait a half hour before trying again or, if you have forgotten your username and/or password, use the Forgot Your ... links in the login box to retrieve them.
A few things to know:
- You don't have to log in at all to read anything on the site -- logging in is only necessary for posting comments.
- No, I can't send you your password -- I have made the site secure from me too, and I can't see your password. Username yes, password no.
- Because of our very tight security measures, it is more than usually important to read and follow directions. Fortunately, anyone learning about Real Spelling is becoming, or is already, used to precision.
This absurdly tight security system is necessitated by the prevalence of hackers on the internet. Unfortunately, this is just a fact of life in our 21st century world. I run dozens of sites for myself, schools. and clients, and I can tell you that all of them are attacked dozens, sometimes hundreds, of times every day. Fortunately, most of the attacks are lame, but some do occasionally get through.
Those of you who have been on the site for awhile may remember when it was successfully hacked in the summer of '12. That little episode cost me around 30 hours to fix, and was just a damned nuisance. There are many different types of attack, most of which have nothing to do with you. But one prevalent type is a brute force attack, where the hacker sends a bot that cycles through hundreds of randomly or systematically generated usernames and passwords each minute. Even though this type of attack is rarely successful, it can slow down the site dramatically while it is occuring. But blocking the bot cuts off the attack.
More seriously, hackers sometimes (more often than you'd think) capture your username, and then only have to guess or generate the password. This happens because usernames are often sent in emails, and most people use the same username on many different sites. Too many people also use passwords that are not that hard to guess. So, in this case, a brute force attack is much more likely to be successful.
You may have noticed (or maybe you just took for granted) how clean the site is -- no spam, no ads, no trolls, no flame wars. This is not an accident. I spend a lot of time and effort keeping the site safe and clean -- for instance, for every legitimate registration I receive, I get a dozen or more every day that are from spammers who just want to post ads, flames, and other crap on the site, which is why we have the rather onerous registration system in place.
I hope to be able to go on providing the RS community with a site that is safe, secure, and clean. But doing that, alas, means that sometimes you may trip over the very tight security measures needed to accomplish this. I apologize for the annoyance some of you may feel when you get blocked. But believe me, it is nothing compared to the annoyance all of us feel when the site is hacked or spammed.