One of the best ways to keep your website safe is to change your passwords. Constantly. And then do it again in 30, 60, or 90 days. If you take a look around, password hacking seems to constantly be in the news!
Here is an almost timeless article from the NY Times (from years ago) regarding passwords. It discusses some Best Practices and ideas to follow when you need to generate a password:
“How To Devise Passwords That Drive Hackers Away” – they recommend simple things like:
- FORGET THE DICTIONARY – Don’t use words (or a string of words) that you find in the dictionary.
- NEVER USE THE SAME PASSWORD TWICE – self-explanatory – change your password to something different. Every time.
- STORE YOUR PASSWORDS SECURELY – do not keep them in a file called Passwords.txt.
Personally, I use both LastPass – this is a password encryption tool. There is a free version as well as a paid version (under $40 each) that you can check out.
I store my passwords on a USB drive that is secure to military specs (technically, it is an IronKey USB drive). This drive allows for a complete cryptographic erase of the drive as opposed to permanently destroying it after 10 failed attempts at a password. This means that the data is completely gone, but the drive is definitely still usable for new stuff.
How often are you changing your password? Do you do it every so often? You should get in the habit of changing them on a regular basis. Think about the types of passwords that you have:
- Hosting account
- Dashboard to your WordPress site
And those are only the ones associated with your website! There are all sorts of tools you can use to remind you – I have been using a free service, Toodledo, for years and I love it!