Password is password
As if further reminder were needed, with the recent PSN hacking scandal, and continuing LulzSec escapades, Wordpress.org has taken the precautionary measure of requiring all of its users to reset their passwords, after suspicious activity was discovered around several popular plugins.
The announcement ran as follows "Earlier today the WordPress team noticed suspicious commits to several popular plugins (AddThis, WPtouch, and W3 Total Cache) containing cleverly disguised backdoors. We determined the commits were not from the authors, rolled them back, pushed updates to the plugins, and shut down access to the plugin repository while we looked for anything else unsavoury."
The problem affected the open source arm of Wordpress' operation, Wordpress.org, not the commercially-backed Wordpress.com, so only those using self-hosted Wordpress installs need worry, and of those, only those that updated the affected plugins over the last couple of days should be concerned.
Wordpress' problems - proactively stepping in to prevent a potential security problem - are nothing compared to Dropbox, which managed to push out a version of the service that allowed access to user accounts with out a password. Although the bug was quickly fixed, and affected users have been notified, that will be no comfort to those worried about the security of their cloud-based files and may even prompt them to look elsewhere.