papamike writes:  

I spent a whole bunch of years as a Network Engineer (retired PhD). And in all of that time one thing I pushed was strong passwords.

I violated my own goldplated rule and allowed one of the people I host to have a 'weak' password because of his physical condition.

Now today I'm paying the price for violating my rule in the number of hours spent weeding out implanted code within php and html files scattered all over the site in question.

Please, for your own sake, keep the passwords strong and don't give them out to anyone. Your friend today just could be your enemy tomorrow.