Last night it appears my email address was compromised, confirmed by my hosting provider. It was an alphanumeric password, so now I have an even more complex password a random mixture of upper and lowercase, alphanumeric and other characters. So far so good.

What troubles me is how they were able to crack my password in the first place? I imagine it is likely to be due to a multiple number of login attempts (which I imagine would be thousands or millions??)?
To counter this I had assumed that there would be some kind of login attempt limit? If so is this something I should activate in my control panel software?
Otherwise how was it done and what can I do to prevent this type of attack in the future?

man in the middle attack?
logged in via public wifi from somewhere?
malware on your machine?
saved the password in the browser?
use the same password for twitter, farcebook, forums, etc.?

and definitely do not rule out your ISP / email provider getting hacked. it’s most certainly not only at the user end where there are vulnerabilities, which is why so many major internet companies get reported as having their entire user databases compromised (and most don’t get reported).

is it a password you have ever used online anywhere else?

logged in via a wif-fi connection racently?

was it gchq/the NSA?

some providers now work on a token+password system – they text you a number each time that you have to enter as well as the password. Slows down logging in but more secure.

toys19 – what makes you think your account has been hacked?

If it is someone sending mail with your address, it could simply be spoofing.

Sorry – just re-read your mail. Missed the confirmed by ISP bit.

tootall paul it was confrimed by ISP but I am not convinced..

Assuming it is true, how can I counter it?