• Skip to primary navigation
  • Skip to content
  • Skip to primary sidebar
  • Skip to footer

Sucuri Blog

Website Security News

  • Products
    • Website Security Platform
    • Website Firewall (WAF)
    • Enterprise Website Security
    • Multisite Solutions
  • Features
    • Detection
    • Protection
    • Performance
    • Response
    • Backups
  • Partners
    • Agency Solutions
    • Partners
    • Referral Program
    • Ecommerce
  • Resources
    • Guides
    • Webinars
    • Infographics
    • SiteCheck
    • Reports
  • Immediate Help
  • Login
  • Languages
    • English
    • Spanish
    • Portuguese

How to Create Secure Passwords For Your Website

December 20, 2017Celise DavisonEspanolPortugues

37
SHARES
FacebookTwitterSubscribe

Have you ever signed up for a new account, but once it came time to create a password, your spirits dropped a little? It’s hard enough to remember one password, let alone multiple ones. Panic sets in as the security suggestions prompt you to add more numbers and unique characters. How am I going to remember this? Why does this even matter if I’m the only one who accesses this account?

We’ve previously written about the elements of a secure password, and the topic is still important today. Hackers gain new insight on how to break passwords daily, and password lists created from breaches continue to put your site at risk.

Passwords and Brute Force Attacks

Even though your admin panel or FTP accounts are supposed to only be accessed by you and a select few individuals, passwords are often the only thing stopping bad actors from gaining unauthorized access.

One such instance is when you receive multiple Failed Login Attempts. This is known as a brute force attack, where bots are continuously trying to login by guessing the most common passwords. These bots are relentless and have nothing but time on their hands to try and guess your password. The harder the password, the less likely they are of getting into your personal accounts.

You can block brute force attacks using the Sucuri Firewall

If a hacker does gain access to your server through the administration panel or via FTP, you can say goodbye to your great SEO rankings and reputation. Your site could be filled with malware, sending spam to all of your visitors within moments (due to the nature of automated attacks). This is what we need to avoid by ensuring our passwords are strong and ready to stand up against bots.

What Makes a Good Password?

Let’s review a few of the key considerations to making a strong password.

Predictability

You might have been told this before, but Password123!, or 123456, or any obvious combination of sequential numbers and letters will be guessed very easily. It’s also not wise to use your birthday or name, as these pieces of information can be found without much effort by anyone on the web.

We discuss the use of dictionary-based attacks and password lists in our previous article on the dynamics of passwords.

Length

The longer your password, the better. If you have more characters, mathematically your password already has a higher probability of not being guessed. More characters equals a stronger password!

password length and complexity tool in LastPass

Complexity

Adding numbers and unique characters will set your password apart. Anyone can use their dog’s name, Harry, as their password. By adding numbers, characters, and a mixture of lower and upper case letters, the original Harry becomes obscured as &H4RrY)*7 – and therefore much harder to guess.

password strength meter example

Uniqueness

Be sure that when you make your unique passwords, that you never re-use them. If one of your accounts gets compromised, you want to ensure that account is isolated. If you had multiple accounts with the same password then all of those accounts will also be compromised which can be devastating not only to your website but to your personal life as well.

 

How to Remember Passwords

If the thought of trying to remember every unique password for all of your accounts makes you woozy, then I have the solution for you! The easiest way to keep you on track is by using password managers such as LastPass and Dashlane. They will keep all of your passwords in one “vault” and even auto-fill in passwords if you take advantage of the browser extension. You can also stop worrying about coming up with hard passwords as they can generate them for you.

lastpass password generator

Conclusion

A surefire component of keeping website security is enforcing the use of strong passwords. Adding more characters and numbers will make the password longer and help to ensure that it’s not easily guessed.

Hackers have lots of tools in their arsenal to hack our sites, let’s make life harder for them by creating strong passwords! You can also leverage our Web Application Firewall which will block any unwanted IPs from logging into your site and avoid brute force attacks completely.

37
SHARES
FacebookTwitterSubscribe

Categories: Ask Sucuri, Security EducationTags: Best Practices, Passwords

About Celise Davison

Celise is a Customer Happiness representative at Sucuri. She works with customers via multiple channels to ensure product satisfaction. When she's not at work, she enjoys making ceramic sculptures and silly embroidery patterns.

Reader Interactions

Primary Sidebar

Socialize With Sucuri

We're actively engaged across multiple platforms. Follow us and let's connect!

  • Facebook
  • Twitter
  • LinkedIn
  • YouTube
  • Instagram
  • RSS Feed

Sucuri website security

Join Over 20,000 Subscribers!

Footer

Products

  • Website Firewall
  • Website AntiVirus
  • Website Backups
  • WordPress Security
  • Enterprise Services

Solutions

  • DDos Protection
  • Malware Detection
  • Malware Removal
  • Malware Prevention
  • Blacklist Removal

Support

  • Blog
  • Knowledge Base
  • SiteCheck
  • Research Labs
  • FAQ

Company

  • About
  • Media
  • Events
  • Employment
  • Contact
  • Testimonials
  • Facebook
  • Twitter
  • LinkedIn
  • Instagram

Customer Login

Sucuri Home

  • Terms of Use
  • Privacy Policy
  • Frequently Asked Questions

© 2018 Sucuri Inc. All rights reserved