How to Change WordPress Password and Then Keep It Safe

Sometimes you just need to change the password to your WordPress account. Maybe you're afraid that it's too weak because you were not really interested in making it secure at the time of creation. Perhaps you gave it away so that other people could contribute to the joint project. Maybe you're afraid that it's been compromised. Or it may well be just that said password is just outdated, or that you're having a hard time recalling it – there may be a bunch of reasons why you may want to change it.

Step 1 – How To Change Your WordPress Password

There are two ways to change your WordPress password.

Option 1: Change password when logged in

The quickest and easiest way to change your password is to just log in to your WordPress Admin and update your User Profile page.

    1. Log in to WordPress.
    2. Click on the little round icon depicting a human figure located on the top right of the page. This will allow you to manage your personal account.
    3. Click on the little padlock icon in the middle of the leftmost side of the page.
    4. Choose the 'Password' page. The only option you have here is to create a new password.

Perceptive users will notice that the requirements for what WordPress accepts as a viable password is are quite low.

"To update your password enter a new one below. Your password should be at least six characters long. To make it stronger, use upper and lower case letters, numbers and symbols like ! " ? $ % ^ & )."
There is also an option to automatically generate a secure password, which seems to generate completely random combinations of letters, numbers, and symbols, which naturally qualify as a "random password" – but are hardly memorable.

Option 2: Change password when locked out

If you for some reason find yourself locked out of your WordPress account, never fear – gaining access to it again is pretty easy. You just have to go through these easy motions!

  1. When asked to input your password, just request a new one. The option's right below the text box where you'd usually input your password.
  2. Check your email for an automated reply with a big blue button in it. Click the big blue button. It will take you to a page where you will be able to change the password to your WordPress account with minimal hassle.

Again, you may opt to create a completely random password using the site's inbuilt functionality – however, if you do, make sure you copy it and store it somewhere where it's unlikely to get lost. If you don't, you're very likely to be forced to repeat the last couple of steps in the future as well.

Step 2 – How To Create A Good Password

True, you can create a mediocre password, and with the way WordPress's security system is set up, that seems to not be frowned upon – but that's undesirable for many different reasons. Try and avoid that, by using these useful tips for making good passwords:

  1. Come up with a personalized word combination. Just using a dictionary word or a pair of simple and short words as a password is a terrible idea if you want it to be secure. Studies have repeatedly shown that this practice is as widespread as it is terrible. However, since human consciousness functions in large part by relying on words, word passwords that make sense are more comfortable to create and re-create. Still, that doesn't mean that you, as a user, should leave your accounts wide open for anyone to access. The solution is simple - just think of a a less commonly used, more interesting, obscure and - most importantly - longer word or words. For instance, if you thought of using "darkfog" as your password – why not try "menacingvapor"? "bigbook" is an excellent example of a word combination that just doesn't cut it if you wish to ensure maximum security. "Voluminoustome", on the other hand, is much less likely to see use, and thus – a much safer bet. On that note – while they are easy to remember, it is extremely ill-advised to use pop culture references as your password. "Hastalavistababy" and "followthewhiterabbit" are long strings of words, and said words are arguably interesting and maybe even obscure, but it's not difficult to guess.
  2. Capitalize Letters. Most sites require you to use capital letters as well as lower case letters in your passwords. This can go a long way to increase how difficult a password is to guess – if done correctly. Most times it isn't – studies have shown that users tend to capitalize the first letter of their password and leave it at that. What you need to be aware of is the fact that cybercriminals are well aware of this practice, and have taken it into account as well – which means it is a good idea to mix things up a bit when creating your password. Why not capitalize every vowel, or every other letter, or every letter except a couple of notable ones?
  3. Substitute some letters with symbols. Users are in the practice of substituting letters with similar-looking numbers. However, just like with capitalizing just the first letter of the password, that practice is widely known, and thus while it adds to the password's complexity, it doesn't add a whole lot to its security. If you do resort to it, try to not substitute "A" with "@" or "^" – think of something more personal and less obvious.
  4. What symbols to use? While it may well be the most expedient practice as well as the easiest to remember, if you want a secure password, you should never just adding one symbol at the end of your password just "for completion's sake." If you really want to do as much as possible for your online security, try to put symbols at key points in a password, in a way that is memorable to you.

Step 3 – How To Keep Your Password Safe

There are a couple of ways to keep your passwords safe.

  1. Memorize your password. Use the tips given above to generate a good, strong, memorable password, and keep it in your head. Don't stick it on a post-it note, or store it on a document on your desktop, or anywhere else where someone may spot it. The safest place is in your head. The drawback of this option is that users may have dozens of passwords to remember and since it's a really bad idea to re-use any of them on multiple logins… Well, it should be obvious how this option can become unappealing very fast.
  2. Use a password manager to store your password. There are useful apps that can keep your passwords safe and secure, and automatically input them when it is desirable or required.

Step 4 - What to do if your password is not safe

You should always change your password at the first sign of suspicious activity in any of your accounts. With WordPress, changing your password is a cake walk – so you could do it any time you desire.

August 31, 2018

Leave a Reply