Enrapture logo

Strong Passwords: The Simple Way to Protect Your Website

Password security matters

If you run a website, your content management system (CMS) is the brain of the operation. It’s where you log in, make updates, and control who sees what. That’s why a strong password isn’t just “nice to have” — it’s your first and most important line of defence when it comes to protecting your website and pretty much everything else you need a password for. We receive customer feedback on a reasonably regular basis regarding the use of strong passwords. We get it, it’s a pain to have to manage lots of different, long and complicated passwords!

While we can’t force clients to follow our advice, we can only advise them on the best practices they really should follow, as well as those that we definitely follow.

Why strong passwords matter

Hackers don’t always “guess” your password by hand. They use tools that try millions of combinations in seconds. Weak or reused passwords make their job easy. If someone gets into your CMS, they can:

  • Change or delete your content.
  • Add malware that can infect visitors.
  • Steal customer information.
  • Lock you out and demand money to get access back.

A strong password makes these attacks much harder and often not worth the effort.

What makes a password strong?

A strong password is:

  • Long: Aim for at least 12–16 characters.
  • Complex: Use a mix of uppercase and lowercase letters, numbers, and symbols.
  • Unique: Never reuse a password across different accounts.
  • Unpredictable: Avoid common words, names, dates, or keyboard patterns like qwerty123.

Good example: Jelly-Tiger!7-Maple-Cloud

REALLY bad example: Password123 or Summer2025

Tip: Passphrases are great. Try four or five random words with numbers and symbols between them. They’re easier to remember and still strong.

Don’t reuse passwords. Ever!

If one site is breached, attackers will attempt to use the same email and password combination everywhere else. Reusing passwords turns one problem into many. Keep each account unique.

Use a password manager

Remembering dozens of long, unique passwords is tough. A password manager:

  • Creates strong, random passwords for you.
  • Stores them securely.
  • Autofills them when you need to log in.

Popular password managers work across your phone and computer, and many offer family or team plans.

Turn on two-factor authentication (2FA)

2FA adds a second step — like a code from an app or a hardware key — after your password. Even if someone steals your password, they still can’t log in without that code. Use an authenticator app (such as 1Password or Google Authenticator) instead of SMS whenever possible for enhanced security.

Keep your admin accounts clean

  • Give admin access only to people who actually need it.
  • Remove old users when they leave your team.
  • Use separate logins for each person.
  • Rename or disable the default “admin” username if your CMS allows it.

Watch out for phishing

Hackers often try to trick you into giving up your password:

  • Be careful with links in emails or messages.
  • Check the website address before you log in.
  • When in doubt, go directly to your CMS login page — don’t click a link.

Quick setup checklist

  • Create a strong, unique passphrase for your CMS.
  • Store it in a trusted password manager.
  • Turn on two-factor authentication.
  • Remove or limit extra admin accounts.
  • Update your CMS and plugins regularly.

Bottom line

Strong passwords are the easiest win in website security. Use long, unique passwords, a password manager, and 2FA, and you’ll shut down most common attacks before they even start. Your website — and your visitors — will thank you.

© Enrapture Media is a trading name of Enrapture Limited - Building online solutions since 2009

Secret Link
Enrapture Media
Privacy Overview

This website uses cookies so that we can provide you with the best user experience possible. Cookie information is stored in your browser and performs functions such as recognising you when you return to our website and helping our team to understand which sections of the website you find most interesting and useful.