The big joke these days is that there are only two kinds of companies left in the US…those that have been hacked and those that don’t know they’ve been hacked.
Get it? Hardy Har Har. Yeah, not so funny, huh?
Trust me when I say that no one is immune from getting hacked. Not the big guys. Not the little guys. And sadly, not us solopreneurs.
Heck, not all that long ago the New York Times and Twitter were both hacked. Evernote, Facebook, Apple, NBC (and its affiliates) and Microsoft were also all hacked. Even the people that guard our personal data (like our login info, our credit card info, all our important info) were hacked for Pete’s sake!
Again…no one is safe from getting hacked.
Especially if you’re using WordPress.
I’m not trying to scare you off of WordPress, so please don’t even go there. In fact, lucky for you, there are some super simple things you can do to make sure you’re aware of what’s going on with your own website.
First and foremost, don’t leave the login to your WordPress site as the default Admin. Go into your user panel and create yourself a brand spankin’ new admin – feel free to use your first initial and your last name – complete with a strong password (more on that below). Then log in to your site as your new admin and delete the original “ADMIN” user (be sure to transfer all their posts to your new admin user). Yes, it is indeed that simple.
Next up, strengthen those passwords. The bots that the hackers use tend to look for words (like common names or even the word “password”) and utilize what’s referred to as “dictionary attacks.” So if you’re using a name or a word as your SECURE password, change it to something more complex that uses a combination of letters, numbers, and symbols.
If you’re stuck with what to create for a password, might I suggest a word that works for you, switching some letters for numbers or symbols, in conjunction with a ZIP code or your license plate number (usually another mix of letters and numbers), or even part of your phone number. For example: DOLPHINS87112 would become d0lph!nz*87112. It’s easy enough to remember, yet difficult enough that the bots can’t get it easily using a dictionary attack.
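Here is a quick way to check whether a password still boils down to a plain word or name, the kind of thing the bots look for. This is an added example, not part of the original post: the tiny word list, the set of letter swaps and the function name `dictionary_hits` are all made up for illustration.

```python
import re

# Constructed sample list. A real check would load a large list of common
# passwords, first names and dictionary words.
WORDLIST = {"password", "dolphins", "admin", "welcome", "jennifer"}

# Character-for-letter swaps to undo before the lookup (assumed set).
SUBSTITUTIONS = str.maketrans({
    "0": "o", "1": "l", "3": "e", "4": "a", "5": "s",
    "7": "t", "@": "a", "$": "s", "!": "i",
})


def dictionary_hits(candidate, wordlist=WORDLIST):
    """Return the word list entries that the candidate password reduces to."""
    lowered = candidate.lower()
    # Digits and symbols at either end are usually padding (a year, a ZIP code).
    trimmed = re.sub(r"^[^a-z]+|[^a-z]+$", "", lowered)
    variants = (
        lowered,                           # as typed, case folded
        lowered.translate(SUBSTITUTIONS),  # swaps undone across the whole string
        trimmed.translate(SUBSTITUTIONS),  # padding dropped, then swaps undone
    )
    hits = set()
    for variant in variants:
        # Every unbroken run of letters is looked up as a word.
        for run in re.findall(r"[a-z]+", variant):
            if run in wordlist:
                hits.add(run)
    return sorted(hits)


if __name__ == "__main__":
    # Constructed candidates, plus the two passwords from the paragraph above.
    for pw in ("password", "P@ssw0rd1", "Jennifer2015", "4dmin",
               "DOLPHINS87112", "d0lph!nz*87112"):
        found = dictionary_hits(pw)
        print(f"{pw:16} -> {', '.join(found) if found else 'no match in this list'}")
```

An empty result only means the password did not match this particular list. It is not a measurement of how strong the password is.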
Finally, get some help. I can personally recommend the Wordfence plugin. I get reports throughout the day telling me how many times it is locking out “users” from signing in, any time an admin logs in, or when my plugins appear to be altered. It’s quite simple to install and even the most basic of default settings will still protect you. On top of all the useful info it shares with you (if you give an email for the alerts), you can also find out some fascinating, if not curious info about your hackers like where they’re from.
And I’m sure you realize (and it basically goes without saying) that you should watch what you download and make sure your computer’s security settings are up to date. Oh yeah…don’t forget to make sure your system – and yes, your website – are regularly getting backed up following the 3, 2, 1 plan.
One final note: If you’re really, really stuck on creating strong passwords, or if you have challenges remembering all your passwords, I highly recommend you look into getting LastPass. It will simplify your online life in ways you’ve yet to even imagine.