Unfortunately it has now become likely that most websites will at some stage come under some kind of brute force attack as hackers attempt to guess your password and gain access.
Just recently we found out that a searchable database of 1.4 billion password logins has been leaked and made available in dark web communities. These passwords can be used to attempt to find out if the user has website admin level server or CMS access. This hacking highlights that it doesn’t matter if you’re using WordPress, Joomla, phpBB or even hand coding your own CMS.
So how secure are your website, online banking or Facebook passwords for example? If your passwords are weak or compromised then your site or personal information is under risk.
A strong password is nearly impossible for someone else to guess.
Follow Googles tips below to learn what makes a good password, then apply them to your own.
Use letters, numbers & symbols.
Combine different types of characters. Use a mix of alphanumeric characters (letters and numbers) and symbols:
Uppercase (capital) letters. Examples: A, E, R
Lowercase (small) letters. Examples: a, e, r
Numbers. Examples: 2, 6, 7
Symbols and special characters. Examples: ! @ & *
Recommendations & examples
Replace letters with numbers & symbols: Choose a word or phrase and use numbers and symbols instead of some letters. Examples:
“Spooky Halloween” becomes “sPo0kyH@ll0w3En”
“Later gator” becomes “L8rg@+0R”
Abbreviate a sentence: Come up with a sentence and use the first letter of each word. Example:
“Uncle Peter always ate chocolate-covered everything” becomes “uP@8cCe!”
Use long passwords: Long passwords are stronger. Some logins also allow spaces so you can use memorable phrases or words from your favorite songs, poetry, or quotes. Examples:
“an 0pen <3 = an 0pen MIND”
“It’s a long way 2 the ^ if U wanna Rock&Roll”
“From time to time, The clouds give rest To the moon-beholders”
Avoid personal information & common words
Don’t use personal information. Avoid using information that others might know about you or could easily find out. Examples:
Your pet’s name
Your street name
Don’t use common words
Avoid simple words, phrases, and patterns that are easy to guess. Examples:
Obvious words and phrases like “password” or “letmein”
Sequences like “abcd” or “1234”
Keyboard patterns like “qwerty” or “qazwsx”
Any examples in this article, like “sPo0kyH@ll0w3En” or “uP@8cCe!”
Don’t reuse passwords
Use a different password for each of your important accounts, like your email and online banking account. Reusing passwords is risky. If someone figures out your password for one account, that person could sign in to your other accounts and access your email, address, and even your money.
You may also wish to consider changing passwords related to your domain name registration, hosting account and emails associated with your hosting and domains.