Now that you have StrongBox it's time to learn a few tricks on quickly finding and neutralizing password leaks before they burn anymore bandwidth.

StrongBox's Login Activity ScreenLog into your StrongBox Admin, Click on Reports. We will be working with the "Site Activity Report". You can use the activity report to monitor the smallest password leaks, often finding them before they fully get abused.

In the Activity Report menu modify the date to for the first week of the month. Depending on your member base, enter a higher number, 2000
normally does the trick for most people. Check the Successful logins only box, and then click Show Activity button.

The full Strong Box username and password activity report

Neat! Now check out the Countries column. Every displayed username shows the amount of country logins in the 5th column. Open a new browser/tab and open your StrongBox admin panel again. We will be checking the detailed logs ("Detail log for user") for usernames with 2+ country logins. 98% of your country logins from 2+ or more locations are password leaks.Username lookup tool

Grab a username with the highest amount of country logins, pretty much guaranteeing that it's a leak. StrongBox may have blocked the IP's and not the username, so only 2-3 countries may have logged in while others have failed to login. This example login report shows 2 USA logins, 2 other countries (3 total country logins for 4 people) then 3 more country logins that were already IP blocked from other attempts. This is clearly a password leak.

When looking at the Activity Report, if you have multiple country logins, and high login attempts then it's a leak. If you have 2 countries and 3 ISP's, it's a leak. With practice you will quickly learn to spot the non-leaks vs the real-leaks, but I still recommend you check every account that has 2+ country logins.

Not all password leaks are handouts; even StrongBox is subject to some levels of brute force attacks.

It's easy to spot handouts vs. real leaks, the username/password combo & if the Members account is already canceled but not expired. If the user/pass is not simple and the Members account is canceled, they gave it out the details. If it's a very simple user/pass, such as bigdad/dad123 has a very high chance of being brute force attacked, so it's possible this is a legit leak.

I change my member passwords on every leak, and then email them a new password. I don't threaten them or say why, I just say here is your new info, enjoy. If the member has canceled though, most don't log back in and they clearly gave the account info out, I close the account to quickly capitalize on the password traffic.

This will quickly assist any Paysite with monitoring password leaks. I suggest you check the "Site Activity Report" 2-3 times a week on your top sites. Keeping even small password leaks under control will help reduce torrent leaks, bandwidth costs, leased feed costs, server load, video loading speeds and it may even push more people to sign up since it's so hard to gain free access.

Hope this helps.. Enjoy ~ TheDoc

Learn more about StrongBox and its protection & security features!




(Please Rate This Article) Hate It - Less of ThisLove It - More Of This