If you follow my weekly “Best Blog Post” series you have seen many scary reports about an increasing wave of brute force attacks on WordPress sites. These reports are strong reminders to secure our accounts with a good, secure password.

At any given time I’m helping several website owners take charge of their website or helping to fix errors, and I am amazed by the number of websites that don’t have the most basic security and SEO functionality installed or activated. And what is even more surprising is that most of those are not set up by hobby bloggers but purchased from developers.

Ok, I’ll stop ranting 🙂

Bottom Line: Stop using “admin” and weak passwords!

For WordPress the easiest way to do this is to create a new account with administrator rights, associate your posts with the new account and delete “admin” as a user.
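
If you (or your webmaster) have command-line access, the same three steps can be scripted. This is an added example, not part of the original post: it assumes the WP-CLI tool (`wp`) is installed and run from the WordPress root, and the function name `replace_admin` and the list of logins it rejects are made up for illustration.

```shell
#!/bin/sh
# Added example, not from the original post. Assumes WP-CLI (`wp`) is
# installed and that this runs from the WordPress root of your own site.

replace_admin() {
    new_login=$1
    new_email=$2

    command -v wp >/dev/null 2>&1 || { echo "wp (WP-CLI) not found" >&2; return 127; }

    # A replacement login that is just as guessable defeats the purpose.
    case "$new_login" in
        ""|admin|administrator|root|test|user|webmaster)
            echo "refusing guessable login: '$new_login'" >&2
            return 2 ;;
    esac
    [ -n "$new_email" ] || { echo "usage: replace_admin <login> <email>" >&2; return 2; }

    # Stop early if the default account is already gone.
    if ! old_id=$(wp user get admin --field=ID 2>/dev/null); then
        echo "no 'admin' user found; nothing to remove"
        return 0
    fi

    # Step 1: create the new administrator. With no --user_pass, WP-CLI
    # generates a random password and prints it once; save it right away.
    wp user create "$new_login" "$new_email" --role=administrator || return 1
    new_id=$(wp user get "$new_login" --field=ID) || return 1

    # Steps 2 and 3: delete "admin" and hand its posts to the new account.
    # Without --reassign, deleting the user would delete its posts too.
    wp user delete "$old_id" --reassign="$new_id" --yes || return 1

    # Confirm that the "admin" login no longer exists.
    if wp user get admin --field=ID >/dev/null 2>&1; then
        echo "'admin' still exists" >&2
        return 1
    fi
    echo "admin (ID $old_id) removed; posts now belong to $new_login (ID $new_id)"
}

# Runs only when given arguments, e.g.: sh replace-admin.sh jane jane@example.com
if [ "$#" -ge 2 ]; then
    replace_admin "$1" "$2"
fi
```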

If you don’t want to deal with all that back-end stuff, contact your webmaster or…send me an email

But what is behind all of these scary reports?

In cases like these I like to contact my trusty network of helpers and my friend Cate Eales of Computer Care Kelowna happens to have a lifetime of experience in computer and network security. Cate operates a mobile computer business, Computer Care Kelowna, providing on-site service for home and business customers. Her weekly column, “Getting Along With Your Computer” appears Mondays on castanet.net. The column archive is available any time at the column archive.

First I asked Cate to explain what all the fuss is really about:

  • What is a brute force attack?
  • What is a “bot-net”?
  • How do hackers get my password?

Brian Krebs is a well-known security expert, and I got some of the information from this blog post: http://krebsonsecurity.com/2013/04/brute-force-attacks-build-wordpress-botnet/.

One thing I like about Cate’s advice is that she has well-founded suggestions for what to do.

(apologies for the first 1.5 minutes of silence – you can drag the little number to forward)

Summary:

  • Create a strong password
  • Use a login that is not a common login
  • What a strong password really is
  • Don’t use a word that can be easily guessed
  • The best way to create a password is using a phrase

You want to use these strong passwords and you want to be able to remember them

Ways to remember:

What account name should you use instead of admin.

Willie Sutton Wikipedia
image: Wikipedia

Sutton is known, albeit apocryphally, for the urban legend that he said that he robbed banks “because that’s where the money is.” ~Wikipedia

Here are more valuable resources Cate shared with me:

Password Diagram Cate Eales
Image rights: Cate Eales


Published by Frithjof

Digital media strategist, coach, community manager and CEO of BlueBird Business Consulting. Blogger, podcaster, content creator and teacher with a passion. Favourite quote: “To succeed in the business of the future we have to become the very people we are trying to reach” ~ Brian Solis
