I absolutely HATE hearing those words!
The truth is, it is very possible to get hacked using WordPress if you do a quick install.
I was recently at a conference where a very smart, very seasoned, and very well-respected Internet Marketer gave instructions on how to use Fantastico to install WordPress. I talked with him afterwards and expressed my concern about using this type of install, as it is an invitation for hackers to break into your site. Simply stated, it is not secure enough.
For argument’s sake, let’s just say that you did use that install method <shudder!>. What can you do now? How can you protect yourself? I will be posting a series of short and simple items you can (and SHOULD) perform on your site. If you have already employed these techniques, hats off to you! Wonderful! If not, get going and implement them!
Use a Strong Password
This is pretty obvious and makes sense on all levels. However, it’s something that most people do not do! I tell people that their password should be at least 12 characters long (yes, I realize that is a lot), and should be a combination of upper-case letters, lower-case letters, numbers, and symbols in order to have the maximum effectiveness and be considered Strong!
One of the best ways to do this is to use a Password Tool like LastPass to generate a password for you. Not only will it generate a unique password for you, but it will store it as well! I have used it for about 4 years now and I absolutely love it! LastPass has a free version and a premium version.
A lot of people assume that having a password like ‘r#C!lLAqZ84p’ is simply to keep people from “guessing” what your password is. That is not true at all. Hackers will have a more difficult time cracking some of the more complicated passwords.
For adding a REAL level of security to your site, you’ll want to change your password on a regular basis.
One last thing – most people have just one password that they use for EVERYTHING! This is a very bad thing to do! You should create a separate password for each account, and make it a strong one! Again, I cannot speak more highly of a Password Tool like LastPass to manage your passwords. One of the cool things right now is that they have a free 30-day trial of their premium service! Give it a shot!
Amanda says
Yikes! I hope I never have to say those words! I do use a password generator for ALL my passwords. It’s a pain sometimes but I’d rather do that than have to worry about cleaning up after being hacked. Thanks for the info!
Paul says
It is a great free tool, Amanda! I use it EVERY DAY! I love it!
Melony Gilstrap says
Thanks for the information. I haven’t heard of Roboform, but will definitely check it out. I make it a point to change my password often, but having software such as this would be very helpful.
Paul says
Melony – Make sure it is a strong password as well! Good luck! Oh, and I am glad to hear you change your password often! Be Well.
Maura Raffensperger says
Words of wisdom! I do use a different password for each site, but, although I have a way of collecting them, it can be frustrating when I’m out of the office and can’t remember a password. I need to check out Roboform. Is there a way to access it on an iPhone?
Paul says
Maura – I have Roboform running on my iPhone! I love it!
Mukesh says
I am not using any password manager as of now, I find it difficult to use on my PC and my phone. It seems difficult for me. I have used many of them before as well.
I’d rather keep my passwords in Evernote with the security code so whenever I need one I can go there and see it anytime by entering the key code. Maybe this is easier for me. But yes, for WordPress login, I am definitely using Clef which makes it hell easy to log in. No password, you just need your phone. I am waiting to see if Clef one day integrates with other web applications to make life easier.
Paul says
I have not used Clef before – I will take a look and see. Thanks, Mukesh!
Nancy Jones says
I use LastPass; for a few dollars a year they offer a version that I can use on all my devices. My iOS version even uses fingerprint authentication. If I make a change in my browser, it replicates to my phone, as I’d expect. If you use XMarks to store your browser bookmarks, you can get a package deal.
Yes, I know about the LastPass “security issue” from last year. But as a security professional, I follow very closely the actions of security experts like Steve Gibson, Graham Cluley, and Moxie Marlinspike. When Steve Gibson said he didn’t quit using it, that was good enough for me.
Paul says
Amen! I love my LastPass subscription! You can get a free subscription here (even though the paid one is only about $15/year, I think!)