Password, mask, matrix

Tips for Choosing and Changing Passwords for Your WordPress Sites

Having a weak password is a severe problem in today’s world, whether it is the password for your bank account online, your Netflix account, or your WordPress site. Weak passwords can be hacked by those with the right tools in short order, which means that you need to have a strong password that will be difficult to crack. After all, you have to remember that a great password is the first line of defense that you have when it comes to WordPress security.

Why Do People Use Weak Passwords?

Most of the time, it is a matter of trying to make things as easy as possible for themselves and for anyone else who will be working on their team and who will need access to the site. They want to make sure that they can remember the passwords, and they are quick to enter, so they choose something easy. If you have done this, you certainly are not alone. Hackers bank on people using easy to crack passwords, though, so you need to do whatever you can to improve your WordPress security.

Common Password Mistakes People Make

Let’s look at a few of the mistakes that many people make when it comes to their passwords, so you will know what you need to avoid.

First, since people like to make things as easy as possible on themselves, they will use the same password for all of their accounts. This way, even if the password seems complex, they only have to remember one for all of their accounts. However, this is a huge problem. If someone were to get access to the password for one of your accounts, they would then have access to all of your accounts if you are using the same password.

Password, mask, matrix
Password, mask, matrix. Picture by geralt on Pixabay.

Another mistake that is similar to the first is varying your passwords by just a small amount. For example, if you have a password that contains the number 1984 and you change the password to 1985, it will not do much good. Many of the programs out there used by hackers know this trick, and they look for it during their searches. You might have only given yourself a fraction of a second of added safety. Another similar problem is adding an exclamation point at the end of the password; this is also something that the programs are designed to try. Instead, you should make sure you are using these types of characters within the actual password rather than at the beginning or the end.

One of the other problems with passwords that many people come up with today is using personal information. Whether they are using the names of celebrities, a pet, a child, a TV show, a sports team, or similar names in your passwords, it is a bad idea. Again, the software that hackers use to find passwords will look for these types of words and will be able to figure out what they are. Even those who aren’t using software could look at your social media and have a good chance of figuring out what types of passwords you might be using.

Another trick that people use, and that does not work any longer is putting in numbers to substitute for letters to create a word. The software knows the trick, and it will look for those types of passwords.

How to Make Your WordPress Passwords Stronger

The best way to make sure that your passwords are as safe as possible is to keep the above in mind and make sure that you aren’t making those mistakes. You will want a string of letters, numbers, and random characters (or that at least seem random). Also, make sure that the password is not too short. You need to have more than just six or seven characters in the password. Ideally, you will have a password that has at least 12 characters.

One of the other habits that people need to curb is sharing their password with other people. Even though you might trust the person implicitly, there is a chance that they could make a mistake with the password, such as keeping it in a file labeled passwords on their computer or in their email. By keeping your WordPress site password to yourself, you reduce the risks.

Of course, there may be others who will be working on the site with you, and they will need to have passwords and permissions. You will need to go over the password rules with those individuals to make sure that they have strong passwords, as well. Otherwise, they could be a crack in your WordPress security.

Time to Change Your Password

Even if you have taken the time to come up with what you feel is a perfect password that adheres to all of the rules mentioned above, you shouldn’t keep the same password forever. Instead, you will want to change the password occasionally. Aim for changing the password about every other month, or even every month. You should also change the password immediately if you have noticed any strange activity surrounding your site.

Haunted house horror by The Houses October Built 2
Haunted house horror by The Houses October Built 2. Picture by thehousesoctoberbuilt on Giphy.

People tend to get busy, and that makes it hard to remember that you will need to change your password regularly. It is a good idea to set up a reminder either on your phone, your computer, or a physical calendar to help you remember when you should change the password. This way, you will not forget to make the change to your password.

Follow these password tips, and it can help to improve your WordPress security. Of course, there are also other steps that you will want to take to help with hardening WordPress to reduce the risk of hacking, such as adding plug-ins that can provide you with a diagnostic of your site to help you understand what you need to do to improve its safety and security.

Read more about the author .

Save 40%

On monthly and annual plans

Lifetime Deals

Only during BF sales!




We won't spam you. Unsubscribe any time.

Wait! Before you go!

Get 10% discount for any WP Security Ninja plan!


Subscribe to our newsletter for new releases, discounts and general WordPress Security news. Sprinkled with other interesting stuff :-)

WordPress Turns 20: Save 20% Now!



Code valid till June 26th 2023

10% OFF

Subscribe to our newsletter

* We do not spam or share your email

Discount on any Security Ninja plan

and get

Hi and welcome back :-)