Let’s start of with some bad news. If a skilled hacker is specifically targeting your site and is determined to gain access, they just may be able to do it. Very large companies who spend very large amounts of money on security have been hacked. It’s a constant cat and mouse game.
Most hackers are not targeting you specifically. If someone is attempting to hack your website you are probably part of a batch and if they are unsuccessful within a given amount of time they will move on to the next. There are so many sites that are not protected very well that it makes more sense for them to go after easy targets.
This is good news because that means a few basic and simple strategies will keep you protected.
1. Usernames and Passwords
A common style of hacking is what’s known as brute force hacking. The hacker will run a program which runs through a list of thousands of common passwords and automatically tries each one on your site.
The most common usernames are admin or some variation of your name.
The most common passwords are (in no particular order):
1234568 (or variation of)
password (adding a 1 to the end does not help)
If you are using any of the passwords mentioned change it immediately.
What Is A Good Password?
The best password is the one you can’t remember. A good password is unique and time consuming to type. A good password should contain letters, numbers, and symbols. A good password should not be recycled. You should have a different password for every account. Annoying, yes, but effective.
A common trick that is helpful is to take a word you can always remember, let’s use Uhuru Network, and substitute characters. We will also throw in an uppercase character once in awhile.
So Uhuru Network becomes uh!rUn3tw0rK
You can come up with your own patterns, e’s are 3’s, every third character is uppercase, i’s are !’s, etc. It can take some time to type but you will remember it and for the most part it will be pretty secure.
Or you can use this handy web tool to help you create strong passwords. Secure Passwords
2. Update Your CMS
If you are using a Content Management System like WordPress, Joomla, Drupal, etc, make sure to keep them updated. Many times the updates will include security fixes that will protect against hackers gaining access through more sophisticated means than passwords. Some hosting providers offer automatic updates.
While you’re at it, keep your plugins and themes updated as well.
3. Use A Different Email For Your Website
This falls in line with having a different password for every account. By having a separate email with a unique password just for your website you have put up an additional barrier in case your personal email has been hacked. Your personal email will not have information about how to log in to your website nor will it give the hacker any advantage when using a “forgot my password” type feature.
Do you have any simple tips? Share them with us in the comments.