I know I talk a lot about how it’s your responsibility to ensure that your WordPress websites are secure. (Because it is.) That said, there are instances where you have very little control over the vulnerabilities that other users introduce to the site. Specifically, I’m referring to users who don’t abide by smart and safe password practices.
To be fair, think about how many names, numbers, birthdays, addresses, facts, workflows, and so on that you have to keep track of on a daily basis. Then think about how many applications you log in and out of as well. The last thing you or anyone else wants to do is to have to memorize a unique and complicated password for each one of them.
But passwords are there for a reason. You can’t skimp on securing a website (or, if you’re a user, your private information) simply because you don’t want to generate a better password than the one you created for Gmail five years ago. Same goes for all your users.
So, let’s talk about WordPress passwords and why they play such an important role in fortifying your WordPress site’s security.
Continue reading, or jump ahead using these links:
The History of Passwords and WordPress The Right Way to Use Passwords with WordPress Listen to WordPress Go Long Mix It Up Reject the Old Require Frequent Updates Add Two-Factor Authentication Use a Security Plugin Get a Password Manager The History of Passwords and WordPress
WordPress has always suggested that developers take responsibility for ensuring that strong passwords are used by everyone who has access to their site. You can always view WordPress’s Password Best Practices documentation as well. Additionally, in an effort to abide by the OWASP 10, WordPress has enacted a number of security
Keep reading this article on wpmudev.org