Over the last few days, I have been bombarded with information overload about online security – mainly dealing with passwords.

I’m afraid that everyone that uses a computer will do at least one of these things. We as humans are horrible with password management. We surf on free internet in coffee shops, we use the same passwords for a gazillion different sites and we never change our passwords – EVER – it’s just too much hassle. And the passwords we do create are simple to hack into.

Here are a few tips that I put together to keep you safe online. These tips include generic password advice and how to keep your WordPress site safe.

General Tips

1. Change your passwords.
No excuses, change your passwords every three months – that’s four times a year. Get out a piece of paper and draw a grid with passwords for home, work, devices, emails, etc.
2. Create hard to crack passwords.
Create passwords that are psuedo-words. For example, password is horrible password, but Pa$sw0rd is much tougher to crack (but please don’t use this example!). Create tough passwords by observing the following:
– Don’t use only numbers or only letters
– Don’t use any names, pets, spouses, etc.
– Don’t ever use important numbers, i.e. birthday, phone number, social security
– Don’t mix home passwords with work passwords
– Don’t use any full length dictionary words, not even foreign words.

3. Come up with a system.
One way to remember all the passwords you are about to create is to come up with some type of system. For example, make all your passwords have the same prefix like Wint3r_2011_01. You can remember the winter part because that’s the quarter and year you changed the password and then tack on numbers or letters at the end.

4. Don’t forget “hidden” devices.
How often have you changed the password to your wifi hotspot in your home? Or what about a gaming system? Yes, we all tend to forget about these devices.

Original Article.

Keep Your WordPress Sites Safe

1. Use different difficult passwords for different sites. If you need help coming up with difficult passwords, see above.

2. Keep backups of all your sites, both source files AND database backups

3. Enable SSL (https://) for the ‘wp-admin’ folder and login page

4. Keep all of your software up to date. Always use the newest versions of WordPress, themes and plugins

For an audio podcast about keeping your WordPress sites secure, head over to Your Website Engineer and listen to episode number 031.