Secure your site with a strong password

3 May 2018Shaun read

Today, May 3rd, is World Password Day! How secure is your password?

Why you need a secure password for your website

Websites are under constant attack – malicious bots and hackers from foreign countries are trying to log into your website. This is mostly done by “brute force” attacks – where they try to guess your username and password over and over again.

You may think your website is safe, especially if it’s a relatively small website for your local business. However these hackers do wide searches to find vulnerable sites and try to get into them, all with the goal of adding viruses or spam to your site.

It’s also important for GDPR to ensure you have strong passwords in place, as if a hacker does get in then that is considered a breach.

Most commonly used passwords

Here is a list of the most commonly used passwords in 2017:

  1. 123456
  2. password
  3. 12345678
  4. qwerty
  5. 12345
  6. 123456789
  7. letmein
  8. 1234567
  9. football
  10. iloveyou

Oh dear! Needless to say, these are all awful passwords, and if you have used anything like this then you are susceptible to having your password guessed.

A good forumula for passwords

You may be avoiding using a strong password because it is difficult to remember, and to type. Your bank may enforce a forumla such as “no dictionary words, at least one punctuation mark, one number, and a capital letter” – which ends up with passwords like rMzh$hkerbUamlW*RaWqU@8N

But there is another way! Just as secure, but much easier to remember, is if you take 4 truly random words and use that as your password.

There is a famous comic strip about this which explains the maths behind it:

Password Strength, by XKCD


Remember that they should be random words, not a sentence.

Never the same password twice

In case one of your passwords gets exposed by a hack, like the recent hacks that happened to Tumblr and other sites, you should never use the same password twice. Use a password manager to keep track of all your passwords – we recommend 1Password.

You can always reset the password

If you forget your password, all websites come with a “password reset” option, which sends you an email and allows you to reset it. Just make sure your email is secure, and then you don’t have to worry too much about forgetting that complicated password.

Celebrate World Password Day!

To celebrate the day, please take a moment to change your website password to something more secure!