On Sun, Mar 16, 2008 at 11:14 AM, Steve Morrey <s.morrey at itconsultingplus.com> wrote: > Even if they only used a self signed SSL cert and only used it on the > log in page, that would be enough to prevent the attack, and that is > relatively simple to set up. Keep in mind you can get a GoDaddy turbo cert instantly now for $20. --Chris