Blogging Security Tip – Changing Passwords

One of the plugins I use on my WordPress blogs is called “Google Analyticator”.  It Adds the necessary JavaScript code to enable Google’s Analytics.  It also adds a dashboard widget that shows you information about your traffic stats over the past 30 days.

Information such as the number of unique visits and page loads.  It also shows you the top five referring sites, the top five search queries used to find your blog in Google search and the top five pages loaded.

I logged in to one of these blogs this morning and found something interesting in that information.  The admin log in page for that blog was the number three most popular page.

Since my settings ignore MY visits it can only mean that somebody has been trying to log into that blog.  By definition that would be somebody who has no business doing so.

This brings me to the point of this post.

In spite of the fact that I use cryptographically “strong” passphrases I decided that this information meant that it was time to change it.  The new passphrase is now twice as long as the old one.

The point is that you should periodically change passwords / passphrases if only to make it as difficult as possible for those who would log in to your blog’s admin panel.  Once there they could do literally anything with it, including lock you out of your own blog.

When was the last time you changed your passphrase or password?  How long is it?  I recommend no less than twelve characters with a mix of letters, numbers and punctuation marks.  Don’t make it easy for ‘em.  NEVER use names, dates, places or any word you could find in a dictionary.

Be Sociable, Share!
  • email
If you enjoyed this post, make sure you subscribe to my RSS feed!

Comments are closed.