We’ve all heard more than we ever wanted to about password changes recently, after the craziness with the HeartBleed bug compromised passwords all over the internet. By now, hopefully most of you have changed passwords for almost everything you have that you wouldn’t want open to the world — social media, email, online banking, online shopping, etc. — but don’t forget to change the passwords for your web site’s content management system, too.

Here are some guidelines for your web site login/user name and password:

  1. Your user name should NOT be any of the following:
    • Admin
    • Your First Name
    • Your Last Name
    • Administrator
  2. Your password should NOT be any of the following:

Change your passwords in all of the following circumstances:

  1. An employee leaves (even if you think they never knew your password)
  2. You haven’t been following the guidelines mentioned above
  3. A major widespread security incident occurs (like the HeartBleed bug)
  4. It has been at least six months since the last time you changed it

 Use secure passwords:

There are lots of resources out there to help you devise a good, secure password that you can remember. Here are a few:

  1. How to Create a Secure Password That’s Easy to Remember but Hard to Hack
  2. Strong Random Password Generator
  3. How to Choose a Secure Password: 6 Steps

Keeping your web site login and password secure and regularly updated is the best, cheapest insurance you have against nefarious hackers who can harm your online reputation and cause you an enormous hassle in the process. Make it easy on yourself and go change your passwords now.