Your website is protected by multiple layers of server security. However, good account management practices are also important for keeping your website secure.
Following a few simple guidelines helps prevent unauthorized access and protects your website and email accounts.
Use Strong Passwords
Always use strong passwords for your website and email accounts.
A strong password should:
- be at least 12 characters long
- include a mix of letters, numbers, and symbols
- avoid common words or personal information
Weak passwords are one of the most common causes of compromised accounts.
Do Not Share Login Credentials
Your website login credentials provide administrative access to your website.
Avoid sharing your login information unless it is absolutely necessary.
If multiple people need access to the website, separate user accounts should be created instead of sharing a single login.
Log Out on Shared Devices
If you access your website dashboard or email on a shared computer, always log out when finished.
Avoid Installing Unknown Plugins
WordPress plugins can add useful functionality, but installing unknown or unverified plugins can introduce security risks or break your website.
Plugins may create:
- security vulnerabilities
- compatibility issues
- website layout problems
Avoid Making Major Structural Changes
Small content updates are normally safe. However, large structural changes to layouts, plugins, or system settings may affect how your website functions.
If you are unsure about a change, contact support before making modifications.
Keep Your Login Information Secure
Never send passwords through email or messaging systems.
Support staff will never ask for your password directly.
If someone requests your password claiming to be support staff, do not provide it and contact support immediately.