
Best practices for website passwords (and all passwords)

Published reports, and my own experience, are the same: Most people use terrible passwords, even if they think they use good ones. Three reasons people use terrible passwords:

  1. They fail to recognize the high value of the data that their passwords are protecting. 
  2. They are not aware how many other people want that data, and how determined they are to get it. 
  3. They underestimate the sophistication of password hackers and how fast their methods are.

Therefore, to most people, passwords are a nuisance, something that gets in the way of easily reaching desired destinations and doing desired activities. But your passwords are the only things preventing other people from going to those same destinations and doing those same activities AS YOU! 

  1. Your website, no matter how small it is, is a valuable resource for anybody who can crack their way into it. Your passwords are the only thing protecting it from complete destruction. If someone succeeds at logging in as you, they will do anything they want to your site, and they are not going to be polite about it. 
     
  2. If you have a PayPal or other online banking account, your password is the only thing preventing someone else from logging in as you and stealing all your money. 
     
  3. If you use an online email service like Yahoo, Gmail, or Hotmail, your password is the only thing blocking someone else from reading all your mail, sending mail as you to people you know (or not), registering memberships in your name at places you'd never want to be associated with, or going to websites where you are a member, pretending that you "forgot your password", and having the password emailed to you -- except that because they can read your mail, it's being emailed to them.  

To a website or other online service, "you" are not a person, but a data connection, a source from which it receives commands and whatever else you type. A hacker is also a data connection, just like you. The ONLY difference between you and the hacker is that you know your password and the hacker doesn't. To the remote computer, a hacker who does know your password is you. They can do anything, absolutely anything, that you can do with your account.

Considering the personal disasters that can result from a cracked password, shouldn't you want to know the best way to create and manage your passwords to prevent those things from happening to you? 

What follows is a list of password rules and explanations for them, to help you create unbreakable passwords and manage them safely. Although some of the comments are directed at webmasters managing website passwords, the same principles apply to everyone whose logins need serious protection, which is everyone.

1) Always use strong (long, random) passwords

A strong password has at least 8 characters for unimportant purposes and at least 12 for any important purpose, and it looks like these:

NgnVK5p7nrMu H/Rc*{P(4fHf xYEZu7aG
YlRgPZkAuay8 Pc?.92\9s7H! @|B9?i":

Any password that does not fit the above description is no good. It does not adequately protect the information it is supposed to protect.

What makes the above password examples good? 

  1. Even if a hacker knows absolutely everything there is to know about you, it will not do them one bit of good. These passwords are not based on anything that anybody could ever discover about you. They are meaningless random strings of characters. 
     
  2. They are long enough that it would take a fast computer many years to crack them, and no shortcuts will work. The only possible method is by "brute force", trying billions of passwords in the hope of finding the correct one before the hacker dies of old age or the sun goes supernova or the universe collapses into the next Big Crunch. Well, OK, I've already mentioned that 8-character passwords are marginal, and the rest of them are not quite that strong, but you don't have to limit yourself to 12 characters. It is possible to make your passwords that strong, and what could be nicer than a password that you don't have to change for a billion years? You might even be able to memorize it!  

What makes other types of passwords bad? 

The biggest mistake most people make is to use "dictionary words" (real words that are in dictionaries) in their passwords. The problem is that it only takes a hacker about 250,000 tries to run through every word in the English language, and doing that is usually one of the first steps in a password cracking attack. Trying to choose an "obscure" word is pointless. They'll try them all, anyway. And adding one or a few digits to make it "stronger" doesn't help much. The hackers know that trick, and it doesn't take a lot of extra effort to try all those possibilities. Then they go for popular combinations of words, and more. They don't type these passwords themselves. They program computers to do the attack.  

If your password is a strong (long, random) one, it will survive all these attacks. At that point, there is a very good chance that the hacker will give up and move on to an easier target because the next step is a brute force attack, trying all the remaining character sequences, the random ones, which is a poor use of their time because there are lots of easier targets.

The main point is that the available ASCII characters can be combined into billions of times more non-words (random strings) than there are real words or combinations of them; the words make up only a tiny percentage of all possible strings, and your password needs to be one of the other billions, outside that tiny percentage.
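As an added example (not from the original article), the following Python script makes the search-space argument concrete: it counts the candidates a cracker must try for the "dictionary word plus a few digits" pattern versus random strings of 8 and 12 printable ASCII characters, and generates a password of the recommended kind with the standard `secrets` module. The 250,000-word figure is the article's; the guessing rate is an assumed value used only for illustration.

```python
import math
import secrets
import string

# Printable ASCII minus the space: the kind of characters the article's examples use.
ALPHABET = string.ascii_letters + string.digits + string.punctuation  # 94 symbols

# From the article: about 250,000 words in the English language.
DICTIONARY_WORDS = 250_000


def random_password(length=12):
    """A strong password: each character chosen uniformly at random from ALPHABET."""
    return "".join(secrets.choice(ALPHABET) for _ in range(length))


def random_search_space(length):
    """Candidates a brute-force attack must cover for a random password of this length."""
    return len(ALPHABET) ** length


def dictionary_search_space(max_digits=4, words=DICTIONARY_WORDS):
    """Candidates for 'dictionary word followed by up to max_digits digits'."""
    return sum(words * 10 ** d for d in range(max_digits + 1))


def bits_of_entropy(space):
    """Search space expressed in bits: log2 of the number of candidates."""
    return math.log2(space)


def years_to_exhaust(space, guesses_per_second):
    """Worst-case time to try every candidate at the given guessing rate."""
    return space / guesses_per_second / (365.25 * 24 * 3600)


if __name__ == "__main__":
    rate = 1e10  # assumed rate: ten billion guesses per second (an offline attack)
    for label, space in [
        ("word + up to 4 digits", dictionary_search_space()),
        ("8 random ASCII chars", random_search_space(8)),
        ("12 random ASCII chars", random_search_space(12)),
    ]:
        print(f"{label:24s} {bits_of_entropy(space):6.1f} bits  "
              f"{years_to_exhaust(space, rate):10.3g} years to exhaust")
    print("example strong password:", random_password(12))
```

Running it shows the word-plus-digits pattern is exhausted in under a second at that rate, the 8-character random password in days, and the 12-character one in more than a million years.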

Another common mistake that people make is to build a password from information that other people might know or be able to find out about them. This is mostly only a problem in the less common situation where a hacker chooses you to be the target of their attack because of who you are, such as if you are a celebrity, or have a lot of money, or are an employee at a company (or government) where they think espionage will pay off for them if they can get into your account. In this case, they'll program their computers to build prospective passwords from any bits of information they can find out about you. 

Even in the more common random attacks, personal information can make your password weaker just because it usually consists of dictionary words rather than random character sequences.

Password strength is top priority because the #1 threat to your website is internet attackers

There are thousands of them, and they will damage your website if they get in. That is why you must use strong uncrackable passwords. You must keep them out. The strength of a password must be the first consideration, the top priority. Whatever other issues or inconveniences result from your having to use a strong password can then be dealt with -- somehow -- but not by compromising the password strength!  

Remembering a strong password is difficult at first. Write it down so you don't forget it.

Many people have heard that passwords should never be written down, but that rule was for U.S. government employees who had to protect secret information from spies rummaging through their desks. You don't have to be concerned about that (I hope). 

  • Using a weak password because you're afraid of writing it down (and a weak password is the only kind you can memorize) is a huge security risk, with a high probability that somebody will exploit it.
     
  • It is a trivial security risk to write down your strong password. Yes, it's possible someone else might see it, but, seriously, how many of the people around you would actually use it maliciously? How many would even know what it is? Protect the piece of paper with whatever precautions are reasonable for your situation. If really necessary, you can write passwords in such a way that no one will know what they are: make them the first letters of a grocery list, or a personal letter or memo. If you have a password that you must carry into insecure environments, you probably don't need to remind yourself which account or website it's for, so don't write that part down. 

Try to keep your UserNames/UserIDs secret, too

Your UserName or UserID is the other piece of information someone needs to log in as you. Even though it is rarely as cryptic as a password (although for extra security, you could make it so), keep it as secret as possible. If you are a webmaster, don't post your cPanel UserID in forum messages, as some people do.

2) Use a different password for every purpose

Although this section speaks to webmasters, the same principle applies to everybody: Never use the same password in more than one place. If someone manages to crack your Facebook password, you don't want them running over to your banking website and discovering that it works there, too! 

The passwords you use for cPanel/FTP, password protection of folders, database connections, each of your email accounts, and your helpdesk login at your webhost should all be different. Never use a password in more than one login location.

If hackers can get a password from one location (such as an email account), they will test it to see if it will also work somewhere else (such as cPanel, FTP, and even your bank's website, if they know it). This is because so many people use a single password in more than one place. If you use different ones, someone who obtains one of your passwords will only get into one place and will still be locked out of all the others.

Not all your passwords are stored in equally secure locations and formats. Some of them are easier to get than others. Your cPanel password, for example, is normally extremely secure. It is not even stored anywhere in your website files. But if you use the same password for your database connections, it's exposed in plain text in your PHP scripts. If a glitch or misconfiguration on your server causes PHP to stop working, your site could start writing your cPanel password on the pages it sends out. Email account passwords are stored in website files, too. They are encrypted, but someone who gets the files can easily decrypt them offline where it goes much faster. If you use the same password everywhere, it's only as secure as the least secure place where it's stored. 

3) When given a default password, always change it

Anytime you install software that comes with a pre-assigned default password for admin login or for database access (or anything else), the first thing you should do is figure out how to change the passwords, and do it.

4) Only give your password to people who absolutely must have it

If you give someone temporary password access, change the password as soon as their work is finished, no matter how much you trust them. Even if they are completely trustworthy, their PC could get a virus sometime later, and it could steal your password from where it is stored on their PC. You are safer if that password will no longer work.

Summary

  1. Use strong (long, random) passwords.
  2. Use a different password for every purpose.
  3. When you are given an easy, "default", password for something, change it.
  4. Only give your password to people who must have it. Change it when their work is done.
  5. If your current passwords are weak, go change them now.
  6. If you need practice with strong passwords, see below.