I know, I know, we are always going on about strong passwords and why you need one that automated tools can’t figure out. Strong passwords help prevent brute force login attacks on your website. You can generate strong passwords or be creative and get them from incidents that happened in your life.
We work hard to keep your website safe
We do everything in our power to keep your website safe;
- We use high quality WordPress specific hosting
- We check your websites regularly for upgrades to WordPress, themes and plugins
- Our administrator passwords are
- 50 random characters
- contain upper and lowercase
- numbers
- symbols
- We encourage our clients to have strong passwords
- We have a multi-tiered backup system in place
- We also keep an eye on who is trying to log in.
But automated Brute Force hacking attacks are now a part of managing a website
A hacker who gains access to your administrator account is able to install malicious scripts that can potentially compromise your entire website.
Brute Force Attack on a website are when hackers try usernames and passwords, over and over again, until they get in. They often are having 1000 guesses per second which gives them a huge number of attempts in a day. Often deemed ‘inelegant’, they can be very successful when people use passwords like ‘123456’ and usernames like ‘admin.’
We are now enforcing strong passwords
We are starting to make you choose strong passwords. Check out this cartoon on password safety for the details on what I have summarised below. The results are startling.
Password: correct-horse-Battery-staple
This password is using random common words and has 44 bits of entropy
Time to crack = 55 years at 1000 guesses per second
Password: Tr0ub3d0r&3
In the past people have used a word or words, mixed upper and lower case, added symbols and substituted numbers for letters.
This password has 28 bits of entropy (choices) including the caps, number substitution and symbols.
Time to crack = 3 days at 1000 guesses per second
Need a tool to help you generate one?
There are a number of tools available that will randomly generate passwords for you. One example is:
https://xkpasswd.net/s/
Other ways to create strong passwords
I was reading a book last night (I read a lot, its my way of de-stressing). I have eclectic tastes in books, but quite like to include action novels in my reading list. I came across a great way to create a rememberable, strong password. Christine Feehan called it mememetric password (it took me ages to figure out how to say that!).
Its a 5-6 word password made up from an event in your childhood. It could be referencing a low grade traumatic event, one that very few people know about, that you don’t talk about, or a guilty secret, or maybe even an event that was insignificant. It goes
location-WhatHappened-WhyTraumatic
As you can see from some of the following examples from my childhood they can be funny and very memorable. You are more likely to remember them if you are humorous and creative.
sisters-camp-bee-sting-quick-doctor
mr-deal-stolen-money-nasty-lollies
grannies-dunny-throw-downs-big-bang
waiwera-pools-shallow-dive-egg-head
school-bus-big-rock-broken-axel
Some of our clients find randomly generated strong passwords hard to remember. If that is you, have some fun creating one for yourself. Even if you have talked about the event it would be challenging for people to know what words you would link together.
How do you remember lots of different strong passwords?
There are programmes that can remember your passwords and store encrypted version on your computer, so that you can focus on the more important things in life. They can increase your security by generating strong, unique passwords for all your accounts.
We recommend 1password and LastPass. Check them out.