Everyone is aware of the risks of not having website maintenance. In 2017 alone, some of the biggest hacks to date have taken place. Among them the Equifax security breach, the WannaCry attack and the Computer chip vulnerabilities.
With these hacks emerging, and more people becoming aware of vulnerabilities, it is incredibly important to make sure that your website is secure.
One of the easiest steps you can take is to make sure your passwords are secure. The creator of the original rule of having one number, symbol, lowercase and uppercase word in passwords regrets giving this advice. Many people now have passwords such as l(iUp#K1.
Now you may say: This is a super secure password. But, is it really?
An 8 character password would take a regular computer about 40 years to crack. Which is really good. However, on a botnet or on a supercomputer, it would take less than a day to crack this password, four hours to be precise.
The way that we recommend passwords is best explained in this image:
These passwords are relatively easy to remember, but also not 100% secure… We recommend getting a password manager such as LastPass or 1Password, if you take security seriously, and have some budget. You only have to remember one password and you’re good to go. Using the above method from xkcd, create a password with at least four words and do add symbols, numbers and random letters to it. Using the example above: c0rrecthorsebatterystaple would already be a slight improvement. The reason we recommend this is because hackers have started using dictionaries to guess passwords as well.
Another good way of protecting your security is by using Diceware. A great tool to generate random passwords for your PC or laptop.
Now that your admin login is secure with a good password, let’s look at the next vulnerability. Since we mainly work with WordPress, we will focus on WordPress for the following example.
WordPress Core, the version that WordPress is built on, is quite secure. It is an open source product and many people work on the WordPress core. The most vulnerable component of a WordPress website are the plugins. Inactive plugins that don’t get updated are easy ways for hackers to gain access to your website, the same can be said for outdated plugins that are still active.
Maintaining the integrity of your website can be quite complex. Some plugin updates can make your website function differently or not work well with other plugins, creating a mediocre experience for your website visitors or potentially stop certain parts of your website from functioning.
Futura Digital can help maintain your website and ensure that your plugins are up-to-date and functioning correctly. This will not only make your website more secure, it includes a SSL certificate and multiple build environments. If you would like us to help keep your website up to don’t hesitate to contact us here.