]
05-13-2013, 05:42 PM
~Credit to Phun for this tutorial
Hello, here to tell you how important it is to make sure your passwords are SECURE.
I still, to this day, see too many "newbies" create weak passwords. Not only do they
use them on their own website account, they use them for their hosting account and
database account. I can tell you right now that this is VERY insecure. Don't do this!
Just take a look at this example i took, lol:
![[Image: WFCapture000014.png]](http://webflake.net/public/style_images/captured/WFCapture000014.png)
Secure Databases
Let's say we are using cPanel® to create our database. Below this you can see
how i usually go about creating my database and password for the database.
Not sure if i'm just paranoid when it comes to security, but i also generate a random
string for the database name.. just to be sure i guess:
![[Image: WFCapture000009.png]](http://webflake.net/public/style_images/captured/WFCapture000009.png)
For the user i ALSO create a random string and just take 5-6 characters out of it:
![[Image: WFCapture000010.png]](http://webflake.net/public/style_images/captured/WFCapture000010.png)
Now we come to the password part. I'm still not sure why many many many people think
it's a good idea to use their personal password, or a password they can remember. The
important thing to remember here is that the password is saved in your config file..
you don't need to remember it at all. And if that config file goes missing, you can always
just change the password from the control panel anyways.
As you can see i use 18 characters and use both upper- and lowercase characters and also
you can see i'm using both numbers and symbols for non alpha characters. It's the most secure
thing you can pick and is almost impossible to bruteforce or guess by the everyday kid hacker:
Note:
If you're really sensitive about security i recommend refreshing all the passwords for your
databases AT LEAST once per half year. It's very easy and even easier if you have a config file.
Secure Account- and FTP Passwords
I took the DB section apart because i could highlight the specific things i usually do. For all
other things related to FTP, Website and Account passwords you have to keep in mind that:
If you have access to sensitive data and a "bad guy" acquires your password, he has too.
From there, bad things can happen. A secure password contains AT LEAST 8 Characters
with Upper- and Lowercase alpha characters and AT LEAST Numbers and optionally: Symbols.
![[Image: WFCapture000012.png]](http://webflake.net/public/style_images/captured/WFCapture000012.png)
Note:
If you're really sensitive about security i recommend refreshing all the passwords for your
accounts AT LEAST once per half year. And i can't stress enough how awesome good anti-virus is.
I hope this information has been useful to you in one way or another and that you will be safe!
I still, to this day, see too many "newbies" create weak passwords. Not only do they
use them on their own website account, they use them for their hosting account and
database account. I can tell you right now that this is VERY insecure. Don't do this!
Just take a look at this example i took, lol:
Secure Databases
Let's say we are using cPanel® to create our database. Below this you can see
how i usually go about creating my database and password for the database.
Not sure if i'm just paranoid when it comes to security, but i also generate a random
string for the database name.. just to be sure i guess:
For the user i ALSO create a random string and just take 5-6 characters out of it:
Now we come to the password part. I'm still not sure why many many many people think
it's a good idea to use their personal password, or a password they can remember. The
important thing to remember here is that the password is saved in your config file..
you don't need to remember it at all. And if that config file goes missing, you can always
just change the password from the control panel anyways.
As you can see i use 18 characters and use both upper- and lowercase characters and also
you can see i'm using both numbers and symbols for non alpha characters. It's the most secure
thing you can pick and is almost impossible to bruteforce or guess by the everyday kid hacker:
Note:
If you're really sensitive about security i recommend refreshing all the passwords for your
databases AT LEAST once per half year. It's very easy and even easier if you have a config file.
Secure Account- and FTP Passwords
I took the DB section apart because i could highlight the specific things i usually do. For all
other things related to FTP, Website and Account passwords you have to keep in mind that:
If you have access to sensitive data and a "bad guy" acquires your password, he has too.
From there, bad things can happen. A secure password contains AT LEAST 8 Characters
with Upper- and Lowercase alpha characters and AT LEAST Numbers and optionally: Symbols.
Note:
If you're really sensitive about security i recommend refreshing all the passwords for your
accounts AT LEAST once per half year. And i can't stress enough how awesome good anti-virus is.
I hope this information has been useful to you in one way or another and that you will be safe!
