How strong is your WordPress admin password? Does it include your pet’s name or your birthday? Or is it something more complex like what King Roland used in Spaceballs? Under duress from Lord Dark Helmet, the King reveals his secret password combination is 1 2 3 4 5.
Don’t let Lord Dark Helmet Get Your Password!
If your password is anything similar to King Roland’s, don’t tell me! Just read further, then go change it.
Why You Should Use Unique Strong Passwords
A strong password (one that uses a combination of Upper and lowercase letters, a number and symbol) is one of the first lines of defense against hackers from accessing your website. However, if your password is not strong, and your WP access is not hidden, hackers can get into your website.
How do you easily come up with a strong password without sitting for an hour trying attach meaning to some nonsensical arrangement of letters and numbers so you’ll remember it? You can use a free online password generator, ironically called: www.onlinepasswordgenerator.com.
So now you have a strong password that you’re using for WordPress, what about your gmail, Amazon and any multitude of other online accounts you’re using. Are you also using the same, 1 2 3 4 5 password there? Many people do use the same password! Even if your new password is a strong password, don’t go changing all your accounts to this one strong password.
The problem with using the same password for all of your online accounts is that if a hacker does find their way into your WordPress database, they’ll search for the password file in the database tables to retrieve all passwords for all users of your site. Then all they have to do is check your social media links on your website and try that password on your Facebook, Twitter, Linkedin, or PayPal account if you have an e-commerce website, gaining access, not only to your PayPal account, but to your client’s bank or credit card accounts. And that’s not the end of your troubles, now they’ll be using your hosting server to send out nefarious bits of hacker chaos, for which your host will probably shut down your site.
You need a unique and strong password for each of your online accounts. What a pain, right? Not necessarily. You might try a browser add-on like 1Password that will create and save your passwords. You can try out 1Password free for for 30 days. You can also look for other free password saving apps online.
Security is important! My clients benefit greatly from my security regimen. When I develop a WordPress website, I limit the number of login attempts to a very low number and obscure the admin access area. If your site was not built by me, then your admin area is probably in the default location – domain.com/wp-admin/ – that’s the place all hackers know about. Another of my strong security steps is to change the prefix of the database tables. If hackers get in, they look for a database table called “wp_users” to retrieve usernames and passwords. They won’t find that table on websites I’ve created!
I’ll leave you with a snippet of Mel Brooks’ genius from Spaceballs. Now go out and change those passwords! And don’t use “admin” for you username either.
Laura
