Here at 34SP.com we often advise clients on password security. All account types including domain names, website hosting, and servers require robust user names and passwords for security. In light of the fact that we have now added an additional layer of FTP security for clients, it seemed the right time to once again stress the importance of secure passwords.
This subject is far from new, and a concise and very well constructed treatise on the importance of password security written by HongHai Shen, a Google Engineer who works on security within Google was posted a while ago on the official Google blog. Please read this piece if you are wondering how to create a secure password.
Here are some more specific tips from the 34SP.com Service and Support Team:
In the event that you need to change or update passwords, please do not reset your password back to an old one. And please do not leave FTP access set to enable if you really do not use FTP all the time.
Refrain from using dictionary words. This is any word in English that exists in a dictionary. Passwords should look along the lines of grN#C9bSnJo((Sj for example. Randomly generated terms are best.
Here are some additional tips to help protect your site from compromise:
Do not use the same passwords for your mysql database as you do for FTP.
Do not use dictionary words.
Do not follow links in spam mails (curiosity in most cases kills the cat) .
Do not accept downloads or ActiveX or scripts on sites you do not know.
Do use randomly generated passwords.
Do run an up to date antivirus.
Do change your password monthly for extra security.
Do disable FTP via the 34SP.com control panel when not in use.
One question, or possibly the objection, regarding secure passwords is, ”How do I remember a truly robust and difficult to crack password – when it contains all those upper and lower case letters, numbers and unusual keyword characters?”.
Here are two tools that can help with securely storing your passwords and help you to access them in a hurry.
RoboForm was named PC Magazine Editor’s Choice, and CNET Download.com’s Software of the Year. RoboForm allows you to:
Manage your passwords and Log In automatically.
Fill long registration and checkout forms with one click.
Encrypt your passwords to achieve complete security.
Generate random passwords to maximize password strength.
Fight Phishing by entering passwords only on matching web sites.
Defeat Keyloggers by not using the keyboard to type passwords.
Back up your passwords and copy them between computers.
Synchronize passwords between computers using GoodSync.
The full install of RoboForm is a paid product with full product documentation and support.
Alternatively, you can try http://www.keepass.info
KeePass is a free open source password manager, which helps you to manage your passwords in a secure way. You can put all your passwords in one database, which is locked with one master key or a key file. So you only have to remember one single master password or select the key file to unlock the whole database. The databases are encrypted using the best and most secure encryption algorithms currently known (AES and Twofish).
Whatever method you arrive at for managing passwords, remember to maintain the highest levels of password security for your websites and domains. As always, if you have any questions or comments on password security, please contact the 34SP.com Service and Support Department.