How to keep your passwords secure

RDO Servers

Well-known member
Registered
Joined
Apr 3, 2015
Messages
1,027
Points
83
Countless websites are hacked every single day!
No computer system, connected to the internet, is secure and "hacker proof"!
Hackers don't just target big companies. Even a small blog is at risk for hacking attempts!

So what do you do? :think:

After you make sure that you are using a quality hosting provider, and that your website is up to date with the latest patches/plugins, you need to make sure you are using strong passwords.

The most common cause of a website getting "hacked", is a result of weak passwords. I know, having to remember a bunch of different passwords is quite a pain. Trying to memorize a complex password like "ar-[0-f*-)7-" is almost impossible. However, the fact remains, that strong passwords decrease the risk of your website being compromised.

Many hackers use a automated bot to deploy a "dictionary attack" on a website. The bot will go through a dictionary of words and previously stolen passwords to try all of the possibilities. Most of them will also add numbers or special characters to the end of the words, like many people to do. If it comes across your password, then their in and will have full access to your website or hosting account.

When you use a random password generator, it will give you a stronger password, with random characters, which is much more secure and much harder for a hacker to break with a dictionary attack.

Where do you find a good password generator? Right here on Webmaster Sun!

Try out our very own password generator today, and easily increase your own account security!
 

lawrencegordon

Member
Registered
Joined
Mar 4, 2015
Messages
23
Points
0
Keep your password long as possible, using a special character and a capitalize in your password to make it secure.

I always use this way for my passwords.
 

RDO Servers

Well-known member
Registered
Joined
Apr 3, 2015
Messages
1,027
Points
83
RDO Servers
That is good advice, but I still feel using a password generator is the best way to go. A lot of people know to use a capitalize letter and a special character, but too many people still get lazy and will set their password as Domainname* which is still way too easy to break!
 

ypson

Member
Registered
Joined
Sep 8, 2015
Messages
23
Points
0
When a password generator is not an option, I suggest using fillers, for example instead of password use ---password-- and let your creativity go from there. Always use an uneven number of fillers, symmetry might look good but doesn't help. Each character, be it a filler, exponentially increases the time needed for breaking it by brute force.
 

smallbudgethosting

Member
Registered
Joined
Jul 6, 2015
Messages
18
Points
0
with cpanel you have the option of generating upto 18 characters for your passwords, I use keepass password safe for my passwords. I find it works because many sites I use a random password.

where two factor authentication is available, I use it to secure my accounts, such as gmail.
 

professorrosado

Well-known member
Registered
Joined
Aug 30, 2015
Messages
173
Points
0
Securing your password sounds good but in the end will not protect your site once compromised. The best way to "secure" your site is to use the methods stated above in generating passwords but do not stay with that password for long - change your password on a regular basis as this will stop any compromised access and drive the hacker back to square one!

If you have a membership site or you allow registrations, then set a regular schedule to check your database for admin roles assigned to non-admins.

I also had my hosting company restrict cPanel access to my IP only (if you have static). If you use WP, you can do the same for dashboard and admin access.

Also change cPanel passwords on regular basis!
 
Last edited:

malikshahid3232

Member
Registered
Joined
Nov 17, 2015
Messages
21
Points
0
malikshahid3232
Thank you so much!
Your information is very useful for me specially regarding WP admin access and dashboard.
With best regards,
 

gerald88

Member
Registered
Joined
Nov 27, 2015
Messages
31
Points
0
I use lastpass to manage my passwords. They generate strong passwords. To login to lastpass you need to fill in a authentication code from your mobile phone. When you signup to lastpass you connect your phone to your lastpass account.

So you can generate secure passwords and you don't forget them because it will be managed by lastpass.
 

RDO Servers

Well-known member
Registered
Joined
Apr 3, 2015
Messages
1,027
Points
83
RDO Servers
I am not a fan of password management services. By doing so, you are essentially giving the service all of your passwords. What if they have a data breach? The hacker will then have access to EVERYTHING that you login to via that password service.

Lappass may be a great service. I have never used them and don't know anything about them. But remember, no wer based services is 100% secure. Everything is susceptible to being hacked and no amount of security is fool proof.
 

ulterios

Well-known member
Registered
Joined
Nov 25, 2015
Messages
481
Points
0
ulterios
First off, great post with some great information.

Second, I completely agree with you on using a password management service. In the last month I have come across posts and stories around the web where password management service were being used and people had gotten their accounts compromised. I have always been a big fan of creating/and remembering passwords is the responsibility of the person needing the password.

I have a larger number of accounts that I need passwords for and I am able to remember them all, and yes they are all different. I have a crazy, unique and even strange way that I come up with them that makes them extremely hard to guess and I have never had an account of any type compromised in decades of using them online. They are not stored anywhere as well.

My system has been perfected and works great but if I ever have a stroke, brain aneurysm, blow to the melon or other head/memory related injury or condition then my accounts might be lost forever. Then again, if I loose my memory I probably won't remember what I lost anyway so then I guess it's not a loss in my new reality at all! ;)
 

professorrosado

Well-known member
Registered
Joined
Aug 30, 2015
Messages
173
Points
0
Well, @ulterios, your hosting company can always go into your database and reset the password for you.

But, if you have a very good security software on your computer that is always updating itself with the latest exploit defenses, browser hacks, et al. Then at minimum, all you need to worry about is changing passwords to both cPanel and each website every 30 days (max). I would even go to bi-weekly or weekly if your site is getting targeted.

Also make sure you use other on-site defenses and tweak them - don't install a security plugin and leave it to fend for itself. I am on all of my websites daily checking for hacking attempts and quickly blocking entire router addresses FOR EVER! ;p
 

ulterios

Well-known member
Registered
Joined
Nov 25, 2015
Messages
481
Points
0
ulterios
Why would I need to do that? I think you misread the post, i'm not nor have I ever had anyone gain access to any of my accounts, hosting, email or anything else. ;)
 

clickcloudit

Member
Registered
Joined
Dec 4, 2015
Messages
17
Points
0
I have like an excel sheet to keep the handy but use mostly random passwords.
 

hmb-robert

Member
Registered
Joined
Jan 5, 2016
Messages
30
Points
0
You can simply follow the rules to keep your password more safe

1. Don't make it easy
2. Numbers + Letters = Safer
3. Make it long.
4. If you write it down it can be found.
5. Change it up.
6. Be unique.
7. Use special characters
8. Don't use any words
9. Watch your letters.
10. Using an online password generator is not as safe as it seems.
 

Ron Killian

Well-known member
Registered
Joined
Dec 3, 2015
Messages
363
Points
0
Even though this was an old thread...

One thing I do is keep all my passwords on a removable usb drive. And it's ONLY plug in when I need a pass. Actually I bought a set of two, one as a back up. The drives have password protection as well, just having set that up.

I am with RDO, any program/app/service that has your sensitive data is a potential breach. Some of the biggest sites on the net have been hacked the last couple years.
 

Shahzadqayyum

Member
Registered
Joined
Apr 16, 2016
Messages
34
Points
0
Use space bar in your Passwords :) also do not forget to enable 2 factor authentication if that specific site provide you this facility. Do not use same passwords for your email and other forums.
 
Recommended Threads

Latest Hosting OffersNew Reviews

Sponsors

Tag Cloud

You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an alternative browser.

Top