All websites are vulnerable to hackers and content management systems are no exception. There are some general guidelines that all websites should consider.
Make sure your usernames and passwords are secure. This should be true for your website administration area if you are using a cms and your server.
- Your usernames and passwords should have a combination of uppercase, lowercase, numbers and symbols.
- Your usernames and passwords should not be easy to guess.
- If you are using a content management system (ex. Joomla, WordPress, Drupal), make sure your username is not admin.
- Get a password manager app to keep track of all your passwords and usernames. These apps will often have you set one main password that will unlock all the other passwords. This way you only have to remember one password. Some will also generate passwords for you.
- Consider changing your login screen error message so it doesn’t tell the viewer which part of the login was wrong – the username or the password.