How to keep your passwords secure

RDO Servers

New member
Joined
Apr 3, 2015
Messages
770
Points
0
Countless websites are hacked every single day!
No computer system, connected to the internet, is secure and "hacker proof"!
Hackers don't just target big companies. Even a small blog is at risk for hacking attempts!

So what do you do? :think:

After you make sure that you are using a quality hosting provider, and that your website is up to date with the latest patches/plugins, you need to make sure you are using strong passwords.

The most common cause of a website getting "hacked", is a result of weak passwords. I know, having to remember a bunch of different passwords is quite a pain. Trying to memorize a complex password like "ar-[0-f*-)7-" is almost impossible. However, the fact remains, that strong passwords decrease the risk of your website being compromised.

Many hackers use a automated bot to deploy a "dictionary attack" on a website. The bot will go through a dictionary of words and previously stolen passwords to try all of the possibilities. Most of them will also add numbers or special characters to the end of the words, like many people to do. If it comes across your password, then their in and will have full access to your website or hosting account.

When you use a random password generator, it will give you a stronger password, with random characters, which is much more secure and much harder for a hacker to break with a dictionary attack.

Where do you find a good password generator? Right here on Webmaster Sun!

Try out our very own password generator today, and easily increase your own account security!
 

lawrencegordon

New member
Joined
Mar 4, 2015
Messages
31
Points
0
Keep your password long as possible, using a special character and a capitalize in your password to make it secure.

I always use this way for my passwords.
 

RDO Servers

New member
Joined
Apr 3, 2015
Messages
770
Points
0
RDO Servers
That is good advice, but I still feel using a password generator is the best way to go. A lot of people know to use a capitalize letter and a special character, but too many people still get lazy and will set their password as Domainname* which is still way too easy to break!
 

ypson

New member
Joined
Sep 8, 2015
Messages
26
Points
0
When a password generator is not an option, I suggest using fillers, for example instead of password use ---password-- and let your creativity go from there. Always use an uneven number of fillers, symmetry might look good but doesn't help. Each character, be it a filler, exponentially increases the time needed for breaking it by brute force.
 

smallbudgethosting

New member
Joined
Jul 6, 2015
Messages
20
Points
0
with cpanel you have the option of generating upto 18 characters for your passwords, I use keepass password safe for my passwords. I find it works because many sites I use a random password.

where two factor authentication is available, I use it to secure my accounts, such as gmail.
 

professorrosado

New member
Joined
Aug 30, 2015
Messages
236
Points
0
Securing your password sounds good but in the end will not protect your site once compromised. The best way to "secure" your site is to use the methods stated above in generating passwords but do not stay with that password for long - change your password on a regular basis as this will stop any compromised access and drive the hacker back to square one!

If you have a membership site or you allow registrations, then set a regular schedule to check your database for admin roles assigned to non-admins.

I also had my hosting company restrict cPanel access to my IP only (if you have static). If you use WP, you can do the same for dashboard and admin access.

Also change cPanel passwords on regular basis!
 
Last edited:

gerald88

New member
Joined
Nov 27, 2015
Messages
38
Points
0
I use lastpass to manage my passwords. They generate strong passwords. To login to lastpass you need to fill in a authentication code from your mobile phone. When you signup to lastpass you connect your phone to your lastpass account.

So you can generate secure passwords and you don't forget them because it will be managed by lastpass.
 

RDO Servers

New member
Joined
Apr 3, 2015
Messages
770
Points
0
RDO Servers
I am not a fan of password management services. By doing so, you are essentially giving the service all of your passwords. What if they have a data breach? The hacker will then have access to EVERYTHING that you login to via that password service.

Lappass may be a great service. I have never used them and don't know anything about them. But remember, no wer based services is 100% secure. Everything is susceptible to being hacked and no amount of security is fool proof.
 
  • Like
Reactions: professorrosado

ulterios

New member
Joined
Nov 25, 2015
Messages
1,267
Points
0
ulterios
First off, great post with some great information.

Second, I completely agree with you on using a password management service. In the last month I have come across posts and stories around the web where password management service were being used and people had gotten their accounts compromised. I have always been a big fan of creating/and remembering passwords is the responsibility of the person needing the password.

I have a larger number of accounts that I need passwords for and I am able to remember them all, and yes they are all different. I have a crazy, unique and even strange way that I come up with them that makes them extremely hard to guess and I have never had an account of any type compromised in decades of using them online. They are not stored anywhere as well.

My system has been perfected and works great but if I ever have a stroke, brain aneurysm, blow to the melon or other head/memory related injury or condition then my accounts might be lost forever. Then again, if I loose my memory I probably won't remember what I lost anyway so then I guess it's not a loss in my new reality at all! ;)
 

professorrosado

New member
Joined
Aug 30, 2015
Messages
236
Points
0
Well, @ulterios, your hosting company can always go into your database and reset the password for you.

But, if you have a very good security software on your computer that is always updating itself with the latest exploit defenses, browser hacks, et al. Then at minimum, all you need to worry about is changing passwords to both cPanel and each website every 30 days (max). I would even go to bi-weekly or weekly if your site is getting targeted.

Also make sure you use other on-site defenses and tweak them - don't install a security plugin and leave it to fend for itself. I am on all of my websites daily checking for hacking attempts and quickly blocking entire router addresses FOR EVER! ;p
 

ulterios

New member
Joined
Nov 25, 2015
Messages
1,267
Points
0
ulterios
Why would I need to do that? I think you misread the post, i'm not nor have I ever had anyone gain access to any of my accounts, hosting, email or anything else. ;)
 

clickcloudit

New member
Joined
Dec 4, 2015
Messages
17
Points
0
I have like an excel sheet to keep the handy but use mostly random passwords.
 

hmb-robert

New member
Joined
Jan 5, 2016
Messages
32
Points
0
You can simply follow the rules to keep your password more safe

1. Don't make it easy
2. Numbers + Letters = Safer
3. Make it long.
4. If you write it down it can be found.
5. Change it up.
6. Be unique.
7. Use special characters
8. Don't use any words
9. Watch your letters.
10. Using an online password generator is not as safe as it seems.
 

Ron Killian

New member
Joined
Dec 3, 2015
Messages
804
Points
0
Even though this was an old thread...

One thing I do is keep all my passwords on a removable usb drive. And it's ONLY plug in when I need a pass. Actually I bought a set of two, one as a back up. The drives have password protection as well, just having set that up.

I am with RDO, any program/app/service that has your sensitive data is a potential breach. Some of the biggest sites on the net have been hacked the last couple years.
 
Older threads
Newer threads
Latest threads
Replies
0
Views
589
Replies
2
Views
788
Replies
1
Views
309
Recommended threads

Referral contests

Referral link for :

Sponsors

Popular tags

You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an alternative browser.

Top