This is the 1st in the series of
20 Secret Blogging Tips in 20 Days!
Check out the bottom of this post to see the rest.
What better place to start than then place where you start? Your Login. Why?
You may have recently seen in the news that WordPress sites were under attack. They were. It was what was called a “BotNet” attack. Username and Password security is critical.
Hackers had setup computers to search out WordPress sites and attempt to login into them.
In particular they were looking for sites that had the Username of “Admin”. The Bots would then try a variety of passwords to break in. Often times they succeeded. That’s bad, but it wasn’t the fault of WordPress. It was yours.
Step 1. Don’t use “Admin” as your Username.
Ever. If your username is Admin you need to change it. Now. It’s not simple. It requires getting into your database and modifying it there. There might be a plugin that can help you. If not – and you need help… I’m for hire.
Step 2. Change your Password.
Those Bots that were trying passwords were using a dictionary script. It would try the normal words including the really dumb ones like: Password1, 123456, and the ever popular QWERTY – Really!
Changing your Password is really easy. You don’t need to hire anyone to do that. Go to your dashboard scroll down to Users and then Your Profile.
Once there, scroll down to the section where you can change your Password.
There’s a strength indicator built right in to WordPress. Wordpress even gives you a hint. There are also password generators online you can use to generate some pretty secure passwords. Your Password should also be different from all your other social media sites (don’t use the same password for all your sites).
Hint: The password should be at least seven characters long. To make it stronger, use upper and lower case letters, numbers and symbols like ! ” ? $ % ^ & ).
Bonus: The BEST Password is going to be something that isn’t found in a dictionary. Want a super secure password you can remember? Something that works for all your other social media profiles? Try this.
Think of something 6 to 8 digits in length. This something should be something you’ll never forget. It should be something you never mention in public, something you never tweet about. Got it? I’ll use the example “skippy” who was my first dog as a child.
Now obscure that phrase. I might do that like “$kippy69*” 1969 being the year we got the dog, and I replaced S the $ and added the * at the end.
I could then use this password for all my sites BUT we know that’s a bad thing – right? So let’s add something (like WP) to the front and use it for WordPress. We could add a FB to the front for Twitter and so on. Catching on? Instead of the WP, I could make it PW (oooh look! I reversed it). I’ll then add something to the back end too.
Essentially, what you just did was create your own algorithm for creating a Password. It’s unique to you and pretty secure too! Make up your own rules and go change all your Passwords! 🙂
Ready for a killer wordpress website? Click HERE.
He's an avid hockey fan, rides a mountain bike, sometimes rides a road bike, has a few motorcycles (he had a really fast one, bought a cool orange one, rode a really slow one, and now,a perfect "BDR Weapon"). If that isn't enough, he makes cheese and sourdough bread, loves strong beer and good red wine, and poorly plays the Mandolin.
- 8 Questions Your Web Developer Should Have Asked - April 27, 2021
- Slack, Chat or Discord? - April 6, 2021
- Unsplash Bought by Getty Images - March 30, 2021