11/17/2008
TYPO3 users: Change Your Administrative Passwords (surely to TYPO3) NOW
This is the announcement:
"An unauthorized person gained administrative access to typo3.org backend due to a weak password of one of the backend users. The backend was NOT hacked as I wrote before. All accounts are currently locked. Because of the single sign on solution, this also affects forge and bugs and some other domains. It's highly recommended to change all your passwords that might be similar to the password you used as your typo3.org account. To make it clear! This affects ALL frontend user accounts. Not only the backend users! It's a really bad situation and even if the passwords were stored as md5 hashes. If you have very simple passwords (a single word for example) it is possible to get your password from a dictionary for example! So once again:
CHANGE YOUR PASSWORDS IF THEY ARE SIMILAR TO TYPO3.ORG FE ACCOUNT! "
http://www.typo3-unleashed.net/nc/singleentry/date/2008/1...
So much for a password policy ... And if you don't have one yourself, you can now change everything, because with the password file on his server he has all the time in the world to crack password after password. So it is a rat race between you changing your passwords and him cracking and using them. The longer you wait, the greater the chance that you will be hacked, and when that starts you won't know where to begin if you have a more or less complex setup.
Maybe they can include it in their exams for certification :)
"Zurich, September 26, 2008 – TYPO3 has become one of the leading players in the market of content management systems. To ensure quality in the field of TYPO3 services, the TYPO3 association will be offering a certification program starting November 2008. Individuals will be able to be certified as a TYPO3 certified integrator. A beta exam will take place in October 2008 at the 4th International TYPO3 conference (T3CON08) in Berlin" http://www.seesite.be/over-seesite/nieuws/artikel/detail/...
So after Joomla, we have another one to worry about ... how do we love Open Source ... Surely when it is open for all :) Open Source or not, the important question is seriousness; all the rest is propaganda.
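The announcement's point about md5 hashes and single-word passwords can be checked on your own user table. The sketch below is an added example, not code from TYPO3 or from the original post: it flags accounts whose unsalted MD5 hash matches a wordlist entry so they can be forced to reset, and shows a salted PBKDF2 record for comparison. The user names, wordlist, function names and iteration count are all constructed assumptions.

```python
import hashlib
import hmac
import os

# Constructed sample data: a tiny wordlist and a user table of unsalted MD5 hashes.
WORDLIST = ["password", "typo3", "dragon", "letmein"]
USERS_MD5 = {
    "alice": hashlib.md5(b"typo3").hexdigest(),
    "bob": hashlib.md5(b"typo3").hexdigest(),           # same password as alice
    "carol": hashlib.md5(b"x9#Lq!v2Tz8@pW").hexdigest(),
}


def audit_unsalted_md5(users, wordlist):
    """Return {user: word} for accounts whose hash matches a dictionary word.

    Unsalted MD5 maps the same password to the same hash for every user,
    so hashing each word once is enough to check the whole table.
    """
    lookup = {hashlib.md5(w.encode()).hexdigest(): w for w in wordlist}
    return {user: lookup[h] for user, h in users.items() if h in lookup}


def must_reset(users, wordlist):
    """Sorted list of accounts that need a forced password change."""
    return sorted(audit_unsalted_md5(users, wordlist))


def hash_password(password, salt=None, iterations=600_000):
    """Salted PBKDF2-HMAC-SHA256 record: (salt, iterations, derived key).

    The iteration count is an assumed value; tune it to your hardware.
    """
    salt = salt or os.urandom(16)
    key = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations)
    return salt, iterations, key


def verify_password(password, record):
    """Recompute the key with the stored salt and compare in constant time."""
    salt, iterations, key = record
    candidate = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations)
    return hmac.compare_digest(candidate, key)


if __name__ == "__main__":
    print("force reset for:", must_reset(USERS_MD5, WORDLIST))
```

With a per-user salt, two accounts sharing a password no longer share a stored value, and every guess has to be recomputed per account at the cost of the full iteration count.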
15:22