FYI, I received a notice regarding hacked passwords. There’s no indication that IPR has been hacked, but it was an alert that I felt was worth responding to.
I also noticed that a particular (unnamed) author account had several failed login attempts. The account had not posted any new articles in years. I deleted the account and as part of that attributed its old posts to me. So there will be hundreds of old articles that indicate I wrote them when I didn’t. Part of the hassle of running a website. That author still has a regular subscriber account as well.
Anyway, it’s my suggestion that all users change your passwords both here and on other websites. Here it is particularly important for authors and editors. There are only three site admins now. I removed two old admin accounts.
I don’t think most hackers would bother targeting IPR, but it still seems wise to take some steps for security.