Use Strong Passwords

I can’t stress enough how important it is to use strong passwords for everything you do while working online.

Yesterday a client contacted me because their WordPress powered website started redirecting to another website, this spam site then tried to install a backdoor program that could have been a security vulnerability on your home computer.

When asking the client for their site’s username and password I received the following information for the main administrator account:

user = admin
Password = admin

Hate to say it but that password alone is not good enough! The client in mention had been using that same username and password combination for the past two months, I was actually surprised the site had not been hacked a lot earlier.

It is not very hard to be creative when creating passwords. Sure you might not be able to remember difficult passwords off the top of your head, but at least your website will be nice and secure.

When creating passwords try using the following:

• Use at least 9 characters
• Use upper and lower case letters
• Use numbers
• Use symbols, such as: ! @ # $ % ^ & * ( ) = -_ + \ | ” : ; / < > ~

Never use:

• Names
• Words that are in the dictionary or common words
• The same password twice

Be creative and make passwords like:

t6#jL9^a8%6s

Or even try using a strong password generator:

http://strongpasswordgenerator.com/

Being creative with your WordPress username is also a huge benefit. From WordPress 3.0 onwards you can create a custom username when installing WordPress for the first time, try avoid using the well known username admin.

If you are already using a WordPress site that is using the username admin, then simply create a new WordPress account and delete the old account.