Is this a security problem?

[TwoHoot]

When other websites link to www.betterbradynow.org, I try to check out the link to us.

http://www.webitch4u.com/ has a link in the first line of their 8-26-2012 -- 5:05 AM posting. When I use their link on the computer I use to administer BetterBradyNow.org, the LogIn form is filled in with username PollAdm and a password. (There is no such User as PollAdm). Logging in from another computer shows a blank Login form.

Is this a security problem for me? Does the webitch4u site have a security problem?

Cordially,
TwoHoot

[Webdongle]

Check your Browser settings, it will be saving passwords.
PollAdm and the password is one someone entered on your PC. As it was remembered by the Browser then at at one time it was a working user/pass for somewhere.

[TwoHoot]

Thank you for the prompt reply. Your are correct. The PollAdm username and Password were in the Firefox Browser.

The problem is that I am absolutely certain they were not entered from my computer keyboard. I work at home alone. There has never been any such Username on this computer anywhere, anytime.

The first time they appeared was when I checked out the link on the other website. When I clicked the link to see if I had a security problem, they were saved by Firefox.

Should I turn off the Remember Passwords feature on the Security Tab of Firefox preferences? I believe most of my passwords are saved in KDE Wallet (?) anyway.

Again, Thank you for the prompt reply.
Cordially,
TwoHoot

[Webdongle]

...
The problem is that I am absolutely certain they were not entered from my computer keyboard. I work at home alone. There has never been any such Username on this computer anywhere, anytime.

The first time they appeared was when I checked out the link on the other website. When I clicked the link to see if I had a security problem, they were saved by Firefox.
...

It is possible that someone has remote control over your PC but it could be a pre-filled in form on the site. What is the url where the login is ?

[TwoHoot]

A little voice in the back of my head said "you are going to have to eat that" when I reread my post and saw the words, "absolutely certain".

Now, I eat the words and apologize. I am NOT absolutely certain it was not entered from my keyboard. I don't want to think it was but it might have happened without my knowledge. There is also a login to a yahoo account that I don't know anything about at the same time, so it probably was entered from my computer. Just how and by whom, I don't know.

Also, I don't understand how it could appear when betterbradynow is accessed from webitch4u but never when it is accessed from here. Or why the extraneous username shows up on only one computer - the one I use to administer the site.

I am very ignorant about website security and leave most settings at default. What should I do next? I already changed passwords on everything.

Is it safe to use the Remember Passwords feature in Firefox?

Cordially,
TwoHoot

[Webdongle]

What is the exact url of the page with the login form ?

[TwoHoot]

What is the exact url of the page with the login form ?

www.betterbradynow.org

Cordially,
TwoHoot

[Webdongle]

The login form I see has empty fields so either you or someone else typed in the user/pass or your computer has been hacked.

[TwoHoot]

How do I determine if the computer has been hacked?

Some way, an invalid username and password left my Firefox password list and came back to me from a third party website (webitch4u.com) link. It was invalid, but other usernames and passwords stored in the same Firefox list were very important.

This seemed odd enough to me that I raised the question here so experts could look into whether this is a security issue in openSUSE Linux 12.1, Firefox or Joomla!. I believe in OpenSource so I am reporting something that seems strange to me.

One other thing is that there have been a number of accounts created at betterbradynow.org recently that have a .ru suffix. This is a small local website that might be interesting to a few hundred people in McCulloch County, Texas. There is absolutely nothing there that would attract international interest.

If it is just my local computer, I can change the passwords and start administering the websites from another one.

With my limited knowledge about the technical details of security, sometimes the quickest, easiest thing to do is format the hard drive and start over whenever something suspicious happens. My ignorance tends to frustrate experts who try to help me. If it is just my own little local problem caused by my own ignorance, then there is very little you can do to fix it.

I am not trying to be troublesome. I will give you any information that might help you investigate further if you wish.

Cordially,
TwoHoot

[Webdongle]

A list of Tools http://docs.joomla.org/index.php?title= ... l_Security

For your PC is also
http://www.zonealarm.com/security/en-gb ... rewall.htm
http://www.avira.com/en/avira-free-antivirus