Ultimate Website Security Tools

Scan your website for Malware
Strong WordPress plugin

If you ask the average user of a web hosting service how many usernames and passwords he uses for various accounts, subscriptions, and the like, he will probably take some time before answering you. Even then, he may not give you an answer to that question because he won’t immediately introduce you to all the services he uses that require a username and password. This is the nature of today’s modern life, where it is normal to have a whole range of digital computers protected by passwords.

Considering the fact that more and more businesses are being hacked, it is crucial that you have a strong password. Passwords are the keys to your online realm. You should make sure that you use strong passwords that are easy for humans to remember but hard for computers to guess.

Force Strong Passwords in WordPress

However, many users use the same or similar usernames and passwords for different accounts: cPanel, email, WordPress, FTP, SSH and the like, and often come up with their own passwords that contain easy-to-remember phrases and numbers, such as birthdays, names, addresses and the like. Using such simple passwords is never a good idea and can lead to disaster in the case of web hosting.

Since websites often drive the online success of a business, a web hosting account is an integral part of the business. Therefore, it is extremely important to properly protect your web hosting accounts by using strong passwords.

A password that is easily cracked can lead to terrible consequences such as unauthorized access to various confidential user information, hacking of websites or downloading of the entire server where the site is located, unauthorized sending of emails (spam), use of websites to distribute viruses, trojans or spyware and the like.

The best way to avoid such problems is to strictly follow some rules when creating and maintaining passwords. Here are some tips on how to increase the security of your web hosting account by creating complicated and strong passwords that are hard to crack.

What makes a Password Strong?

There are many ways to enforce access control policies like usernames and passwords in WordPress. They don’t require any special programming knowledge, they’re very user-friendly, and they’re relatively free. Many of these solutions require the use of plugins.

There are a number of password and password generator options that allow you to create strong passwords for your users. One of them is to use random strings, which you want to limit to a length of 24 characters.

You should therefore consider using a strong WordPress password generator. If you use one of the password generators that are available as part of the WordPress system, you will have some of the options available for strong passwords for your users.


You certainly wouldn’t use the same key for your house, your car, your mailbox, and your office. So why would you use the same password for all your online accounts? To protect your information, it is necessary to choose and use a different password for each online account you use, whether it is email, control panel, Facebook or something else.

To protect all your sensitive information on the internet and keep it away from hackers, each online account must have a strong and unique password.


According to a US study, some of the most common passwords that users use are as follows: 123456, 1234567, 12345678, abc123, and 11111.

If you are using any of the above or a similar password for any of your online accounts, log in to your account immediately and change it. You should avoid any passwords that consist of a sequence of characters on the keyboard (e.g., “asdfghj” or “yxcvbnm”), and you should also avoid personal information in passwords (e.g., name of the city you live in, favorite band, pet name, names of family members, birth dates, etc.).

Although they probably don’t mean to, Internet users often publicly disclose a wealth of personal information on sites like Facebook and Twitter.


As a rule, you should not share your passwords with anyone. Don’t write down your passwords in places where they can be easily found (e.g., on a piece of paper you keep on your desk, on your computer desktop in a document called “Passwords,” in your email inbox, etc.).

If you have a hard time remembering all the passwords for your online accounts, try using an online password management tool like LastPass, 1Password and similar. With such tools, you only need to remember one (master)password (to log in to this website).


If you want your passwords to be strong and complex, it is recommended to use all four-character categories in passwords:

  • – Upper case letters (A, B, C)
  • – Lower case letters (a, b, c)
  • – Numbers (0, 1, 2, 3, 4, 5, 6, 7, 8, 9)
  • – Keyboard symbols (~! @ # $% ^ & * () _ – + = {} [] \ |:; “‘ ,.? /)

This makes it harder for hackers (and the programs they use) to guess your password. Also, as recommended earlier, don’t forget to use different codes for each account you need to log in to online.


In addition to the following recommendations, you can strengthen your passwords by following these strategies:

  • – When choosing a word for a password, write it upside down (from the last letter to the first).
  • – Replace letters with symbols (for example, use a 4 instead of an “R”).
  • – Make your passwords at least eight characters long (twelve characters is even better).
  • – Use an acronym for some information that you can easily remember (e.g., “I graduated from elementary school in 2005” can be “igfESin_05”).
  • – Never recycle passwords.
  • – Change your password once a month.

And if you want to be absolutely sure you’ve chosen the best possible password – you can check it in free online tools like The Password Metter.

Keep passwords safe

You could also use a password managers like LastPass, 1Password, Bitwarden, … and it is very important to use two-factor authentication (2FA). Adding two-factor authentication to your website is a must for everyone and can help reduce the risk of your websites and systems being hacked and users’ data being spied on. For timely notifications, even if there is an attack (e.g. DDoS) on your website, there is Virusdie.


Article by Ivica Delic
founder of FreelancersTools,
exclusively for Virusdie.

Join our private Facebook group to get help from other security experts, and share your own web security experiences and expertise. Group members receive exclusive news and offers. They can also communicate directly with the Virusdie team. Join us on Facebook.