Questions for a User with a compromised account
--------------------------------------------------------------------

 - Do you use the password of the account at other TeraGrid sites or  
   other general accounts (Hotmail, Amazon, Paypal, Ebay)?

 - What was the time of your last known login?  Where was it from?

 - From what locations do you usually login (hostnames/IP)?

 - Which sites/machines have you used?

 - Which do you expect to use?

 - What locations (hosts) can we expect to you to login from?

 - Can accounts at other TG sites be closed down, or do you expect to
   use them in the future?

   If so, which sites are not needed:  (PSC, SDSC, NCSA, ANL,  
   Purdue, Indiana, ORNL, Texas, etc.)

 - Are passwords needed on all the sites, or are you using grid auth  
   or ssh keys?

 - Since the account was compromised, are there any special concerns  
   on the data there? private data? grid certs?

 - Do you have any idea how someone may have gotten your login info  
   (login/passwd)?
   What machines may possibly be compromised?
   Your desktop?
   Some other machine you used?

 - Have you heard anything from any of these sites on hacker  
   activities?

 - Is there a security contact at your site that could further  
   assist with this?  What is their contact info?