If there is one simple thing you can do to protect your site against hackers, it’s to use strong passwords.
Easy passwords are a hacker’s best friends. You need to create a password that is unique, random, and long to be safer.
According to the traditional advice — which is still good — a strong password:
- Has 12 Characters, Minimum: You need to choose a password that’s long enough. There’s no minimum password length everyone agrees on, but you should generally go for passwords that are a minimum of 12 to 14 characters in length. A longer password would be even better.
- Includes Numbers, Symbols, Capital Letters, and Lower-case Letters: Use a mix of different types of characters to make the password harder to crack.
- Isn’t a Dictionary Word or Combination of Dictionary Words: Stay away from obvious dictionary words and combinations of dictionary words. Any word on its own is bad. Any combination of a few words, especially if they’re obvious, is also bad. For example, “house” is a terrible password. “Red house” is also very bad.
- Doesn’t Rely on Obvious Substitutions: Don’t use common substitutions, either — for example, “H0use” isn’t strong just because you’ve replaced an o with a 0. That’s just obvious.
Granted, completely random, long passwords are hard to remember, but there are strategies in setting passwords. Here are a few.
One of the easiest ways to give yourself a strong password is to use a full sentence. The full-sentence technique works like this: Think of an everyday phrase that you can remember, like “My #1 favorite thing in the world is my family,” or “I bought my house for $1.”
Now take that sentence and convert it to a password by grabbing the first letter of each word. “I bought my house for $1” becomes Ibmhf$1.
The Passphrase Method
This method works by choosing four random words and stringing them together to create a passphrase. The randomness of the word choice and length of the passphrase make it strong. Something like “correct horse battery staple” or “seashell glaring molasses invisible” is random. The words don’t make sense together and aren’t in grammatically correct order, which is good. It should also be much easier to remember than a traditional random password.
Password managers store your login information for all the websites you use and help you log in to them automatically. They encrypt your password database with a master password – the master password is the only one you have to remember.
There are several programs that you can use, but I recommend LastPass. It’s the one I use, and it has been recommended most by trusted sources in the tech community.
Think it’s really not important? Consider this…
Over the past few years, several incidents of security breaches occurred at major websites because of poor passwords. I’m not talking about users losing access; I’m talking about the people who own the sites—sites like Twitter.com. So, roll your eyes all you want, but using good, strong passwords and using different passwords for different sites is a great way to keep your sites and online information safe. These two things are simple and give you a leg up because hackers have to start guessing what the administrator login is in the first place.
And with the recent brute force attacks, it’s even more important that you are doing everything you can to keep your site safe! Make sure your site passwords are secure! Check them now and change them!