What is World Password Day?
World Password Day aims to raise awareness of the importance of strong passwords.
With all our online habits — banking, shopping, work — we trust passwords to protect a lot of sensitive information. Still, weak, reused, or predictable passwords are one of the most common reasons accounts get hacked.
World Password Day is a simple nudge: check your passwords and update them if needed, before something bad happens.
What is a strong password?
A strong password is genuinely difficult for someone (or something) to guess:
It should be long, complex, and, unfortunately, different for every account you have.
Simply tossing in an exclamation mark and calling it a day doesn’t suffice. Here’s what makes a password strong:
- At least 16 characters (the longer the better)
- A mix of upper- and lower-case letters, numbers, and symbols
- No connection to personal info (like your birthday, the platform’s name, or your favourite football team)
The bad news is, the longer and weirder your passwords are, the harder they obviously are for you to remember as well. Which is exactly why so many people stick to weak ones in the first place.
Password Managers are great, though: Instead of trying to remember every complicated password yourself, use a trusted Password Manager to store them securely. You only have to remember one master password — the rest are handled for you. Better and easier than resetting your password every time you forget it…
By the way, some passwords are fine written down on a sticky note, too. Just maybe not put all details on that same note: app/website, username and password.
So, what is a weak password?
Weak passwords are the digital equivalent of locking your front door but leaving the key under the mat. Here are a few you should definitely avoid:
- admin
- Password!
- Anything obvious, like qwerty, letmein, or 12345678
- Your last name with a 1 thrown on the end (Halsan1, looking at you)
Hackers and bots are clever. They have massive lists of the most common passwords, and they’ll blast through them in seconds. If your password is even slightly predictable, you’re an easy target.
Keeping your WordPress website safer
Let’s zoom in on company websites. Your password not only protects your login, if someone hacks your website, they can:
- Inject malware that infects visitors
- Steal your customer data
- Ruin your SEO rankings
- Trash your reputation
We don’t want that, so here are a few ways to keep your login safer:
1. Let WordPress generate a strong, random password for you
Don’t sit there trying to think up a password yourself. Let WordPress generate one when you create user accounts. Then save it in your Password Manager.
2. Change the wp-admin login page URL
WordPress sites usually have a predictable login page (/wp-admin), and hackers know it. Changing it to something unique (like /super-secret-login15376) makes it harder to find and attack. Plugins can easily achieve this.
3. Enable Two-Factor Authentication (2FA)
2FA adds another wall between you and attackers. Even if they somehow snag your password, they won’t get in without the second authentication step — usually a code sent to your phone.
Closing thoughts
Passwords are a hassle. Keeping track of dozens of complicated logins isn’t exactly anyone’s idea of fun. But they are one of the easiest and most effective ways to protect your digital life — and your website — from getting wrecked.
So if you do just one thing today, check your passwords. Update the old ones. Strengthen the weak ones. Set up 2FA. Future you (and your website) will be grateful you did.
Need support? Get in touch today!
Get in Touch
