how to choose a secure WordPress password

how to choose a secure WordPress password // tiny blue orange

what makes a password secure?

it might be hard to understand the way a hacker thinks, but doing so helps you keep your login screen secure. your business name or personal details about you like your address, children’s names or pets all make for weak passwords.

(i bet it would take you less than 5 minutes to learn the names of my dogs, which means someone that wants to break into my site could do the same.)

beyond avoiding the basic details of your life, picking a winning password means avoiding patterns, making sure it’s not common + that it’s hard, if not impossible, to guess.

which means that this list of popular passwords is bad news bears for your WordPress site security —

  • 123456789
  • 111111
  • password

it doesn’t have to be impossible for you to pick a strong password though! in fact, there are tools that will help you make sure your site password is secure —

  • trust WordPress to tell you if your new password really is strong
  • or use a password generator to create a random password
  • save your new + secure password to a password vault

how to choose a secure WordPress password // tiny blue orange

see, even WordPress knows brutus would be a terrible password for me to use. sorry Brubru!

set your new secure password

changing your WordPress password to the option you just picked is really easy. it’s 4 steps + will take you less than 60 seconds if you’re already logged into your site.

  1. from your dashboard, head to Users > Your Profile
  2. scroll to the bottom Account Management section
  3. click “Generate Password”
    (either use what WordPress suggests or type in your new one)
  4. click “Update Profile”

volia! now your WordPress site is way more secure than it was for however long you were using your old + weak password. feels good, doesn’t it?

if you have any other administrator level users on your website, share this article with them so they can update their passwords too.

remember, your site is only as secure as the weakest link — whether that’s your weaksauce password, another user or another site on your shared server.



want a free course to keep your site safe from hackers?

sign up below + you'll get easy to follow emails for 10 days outlining how to secure your WordPress website! you’ll also get freshly squeezed info each week to grow your business.