26. the zombie army is attackers’
response to our better defenses
as wordpress becomes a better target
the incentives for breaking it rise
@brennenbyrne
29. the old way of doing this meant:
!
1. typing your password
2. getting a text with a bunch of numbers
3. typing in the bunch of numbers
!
(google authenticator)
@brennenbyrne
33. without ssl, everything is public
@brennenbyrne
only do stuff you wouldn’t
mind standing on a table
and yelling about in a
coffee shop
i.e. no passwords or credit cards
41. use two factor for admin
@brennenbyrne
otherwise
install bruteprotect and cloak
read wordpress security checklist
getclef.com/wordpress-security-checklist