Email this Article
Link this ArticlePick "smart" passwords: Choosing complex passwords are key to keeping your cPanel and server from being hacked.
Hackers often try to guess passwords at first, with the obvious stuff, default passwords, etc, so NEVER keep a default password with any software or hardware. But 99% of the times, hackers simply can't guess your password.
Another way to guess passwords at incredible rates is by using programs that check all possible combinations until it finds your password (although this can take months to run successfully, which is good). This is called Brute Force attacks. So the question is, how can you make a fool proof password, one so good that no hacker can guess it, or use a program to guess it within a reasonable amount of time?
The answer: Use characters in your passwords that are not found on your keyboard. Some examples: Ø Å Ð » § ¡ ¢ ¶ ™ Œ
Here is an example of an excellent password: fj3Ça0Fß2W¢cn2¡7W»nGzÀ5
Why is that an excellent password?
How can I find alt codes to use in my password? Click Here
Other things to consider regarding your password:
Using up to date software: Always make sure that all scripts used on your website is up to date. Security holes are found every day in major software, such as vBulletin, phpbb, phpnuke, etc. It is essential that you always have the latest version of all software to avoid being exploited.
Before adding new scripts to your website, attempt to research them a little bit, and be sure that there aren't major security flaws in the software that just haven't been fixed by the distributer yet.
Don't use Internet Explorer: Okay, this may sound a bit biased, but don't use Microsoft Internet Explorer. IE is often a target in viruses, hijacks, etc, simply because a large number of people use this browser. I suggest switching to FireFox. It is a great alternative, and it is updated very often.
Keep weekly backups: If you are, by chance ever hacked, be sure that you have a backup from at least a week ago. Depending on your website, you may want to make backups as often as daily, for websites such as forums that have content updating every day.
Backups that are stored on the web server that hold your website are useless. If a hacker gets in and decides to delete your website, you can guarantee he will delete your backups as well. So make sure you set up backups to automatically backup to a remote server somewhere, or download them to your personal computer.
Make sure your version of cPanel and other control panels are up to date: Updates for critical server software come out often, so make sure your up to date. There is usually a way to check via cPanel if you have the latest version. If you notice that your running an older version and you are on shared hosting, request that your host upgrades the server's software.
Beware of Beta Software and Script: Many scripts and services launch in a phase called "Beta". Beta means simply that "Hey, the software is new, and there is a 75% chance that there are bugs and/or security holes, so use at your own risk!"
Hackers often try to guess passwords at first, with the obvious stuff, default passwords, etc, so NEVER keep a default password with any software or hardware. But 99% of the times, hackers simply can't guess your password.
Another way to guess passwords at incredible rates is by using programs that check all possible combinations until it finds your password (although this can take months to run successfully, which is good). This is called Brute Force attacks. So the question is, how can you make a fool proof password, one so good that no hacker can guess it, or use a program to guess it within a reasonable amount of time?
The answer: Use characters in your passwords that are not found on your keyboard. Some examples: Ø Å Ð » § ¡ ¢ ¶ ™ Œ
Here is an example of an excellent password: fj3Ça0Fß2W¢cn2¡7W»nGzÀ5
Why is that an excellent password?
- It uses a combination of lower case and upper case letters.
- Includes numbers scattered throughout the password, not all next to each other (Like: dfjguif3456 is not good).
- It does not resemble any word in any language.
- It uses special characters through Window's alt codes.
- It is above 15 characters in length.
How can I find alt codes to use in my password? Click Here
Other things to consider regarding your password:
- Never write your passwords down on paper, unless it is to be kept in a safe. Passwords that you hid stuck under your keyboard are always found
- It is better not save your password on your computer so that it auto-fills the password field so that anyone can login, including hackers who take control of your computer.
- Try to remember your passwords if possible. If not, protect your password in an encrypted file somewhere on your computer (not obviously in a folder named passwords, or anything similar.
- Never give your passwords to anyone, including staff members, or other people you think you can trust. If you absolutely have to give them the password, change it temporarily, and give them the temporary password, and change it back once they are done.
Using up to date software: Always make sure that all scripts used on your website is up to date. Security holes are found every day in major software, such as vBulletin, phpbb, phpnuke, etc. It is essential that you always have the latest version of all software to avoid being exploited.
Before adding new scripts to your website, attempt to research them a little bit, and be sure that there aren't major security flaws in the software that just haven't been fixed by the distributer yet.
Don't use Internet Explorer: Okay, this may sound a bit biased, but don't use Microsoft Internet Explorer. IE is often a target in viruses, hijacks, etc, simply because a large number of people use this browser. I suggest switching to FireFox. It is a great alternative, and it is updated very often.
Keep weekly backups: If you are, by chance ever hacked, be sure that you have a backup from at least a week ago. Depending on your website, you may want to make backups as often as daily, for websites such as forums that have content updating every day.
Backups that are stored on the web server that hold your website are useless. If a hacker gets in and decides to delete your website, you can guarantee he will delete your backups as well. So make sure you set up backups to automatically backup to a remote server somewhere, or download them to your personal computer.
Make sure your version of cPanel and other control panels are up to date: Updates for critical server software come out often, so make sure your up to date. There is usually a way to check via cPanel if you have the latest version. If you notice that your running an older version and you are on shared hosting, request that your host upgrades the server's software.
Beware of Beta Software and Script: Many scripts and services launch in a phase called "Beta". Beta means simply that "Hey, the software is new, and there is a 75% chance that there are bugs and/or security holes, so use at your own risk!"