Web Security: Passwords

Web Security icon

Though this article is part of my Website Security series for webmasters, passwords are crucial to all website users.

Everyday, you use passwords on the Internet.
Everyday, you risk losing important, valuable information.
Everyday, you need strong passwords to stay safe.

If you just want a safe, easy way to manage passwords, please join my group of safe Internet users now. If you want to understand why strong passwords are important for web security, then read on…

In Website Security: Admin Author Basics, I explained the importance of separate Admin and Author usernames for WordPress. Equally important, is to use separate passwords for each username, and for every other account that you create on the Internet.

That makes for a lot of passwords to remember. I have a great solution for password security, but first I will explain why separate and strong passwords are important.

Web Security: Strong Passwords

Hackers break passwords by brute force or guessing. A strong password is very difficult to break by either of these methods.

Brute force means trying every combination of characters until the password is found. You can make this seriously difficult to do by using passwords with at least 8 characters. Characters should include a mixture of uppercase letters, lowercase letters, and numbers. Most websites will also allow other symbols to be included in your password.

Password guessing techniques include common words and personal information. Never use password, opensesame, letmein, or other common passwords. There are lists of common passwords that hackers use. Similarly, people often use their name and birth date. Anyone can find that information, and use it to guess your password.

Web Security: Separate Passwords

Another common way to break passwords is to use one from a different website. Hackers commonly setup fake websites to entice you to create an account. If you have used the password elsewhere, the hackers will keep trying it on all the websites they have in their extensive lists.

They will also spot if you use the website name, or simple variation of it, as the password. You need to avoid using any method that links your passwords together. They must be completely separate, not variations of a theme.

Web Security: Remembering Passwords

Web Security iconLike me, you must now be wondering how on earth you can remember all your passwords, when they all have to be different, yet cannot be based on a pattern. I felt very exposed to password theft before I found the best way to keep my passwords safe.

One option is to keep a list of accounts and passwords in a password protected spreadsheet or other type of list. This has many advantages:

  • You only have to remember one password – the key to your password list
  • You can easily copy and paste usernames and passwords
  • You can include other information such as the link to the login page

A better option is LastPass. It does all of the above, and also works with your browser to avoid copy and paste. It handles multiple accounts very well, and has many more useful features including a strong password generator. Best of all, it is free. However, LastPass has even more features in the premium version. Especially useful is unlimited use of LastPass Mobile for all popular smartphones and tablets. This only costs $12 per year, but I have even more good news for you.

If you sign up to LastPass using this link, you will get 1 month of LastPass Premium free. After your first month, you can continue with the basic LastPass account, or pay for LastPass Premium.

Every LastPass user gets their own personalized link to invite friends and associates. That link allows new users and the link owner to get a free month. I get a free month when you use my link, but I’m not greedy. I get more free months from referrals than I can use, so I change my website links to other people most of the time. I call this my Safe Friends List. If you sign up using my link, and you want to go on my Safe Friends List, please tell me in the comments below.

Web Security: Next Steps

It’s very easy to be safe with your passwords:

  1. Sign up to LastPass using this link
  2. Change weak passwords for strong ones – LastPass helps you do this
  3. Optionally, request to go on my Safe Friends List (via Group or Chatroom links below)

What do you think about secure passwords? Share your experiences, opinions, and questions in Shrewdies Make a Website Group, or Shrewdies Website Help Chatroom.

Leave a Reply