Never say never. Nothing is impossible with computers. Sometimes just highly improbable though. With the right username and password anything is generally possible and this means that website owners, especially those with very popular sites (like mine :tongue:) have to make sure the passwords are as hard to guess as possible, even hard for computers to guess. And as far as I am concerned, I keep a full backup of all files and databases anyway so owning my site is futile. What we have to realise though is that the user might not want to do this to someone, he might be a victim, though admittedly he didn't make this clear.
