What is a strong password?

I think many people do not understand, that security is not only using a strong password. Webhosting is happening on web servers and your data travels to your web host trough a network. And these are not the safest places on Earth Under “strong password” I mean one that is:

• much more than 12 characters long
• uses upper case and lower case letters, numbers and special characters
• is not a word or does not consist of words found in dictionaries.

Security is also about using strong passwords, but you need to make sure the passwords are not sent in clear text. If you are trying to run a  community web site on a VPS or dedicated hosting a good idea is to find and purchase a cheap SSL certificate, or at least to generate one self-signed. It might look weird, but it adds to the security of your users data. At least their passwords and login names should never be sent in clear text.

Another thing to think about is where else should you use strong passwords. Cpanel login, database user name/password combination, email account and all the administrator passwords you ever created or will create should be protected by a very strong password.

If you do not know how to generate a strong password there are tons of applications on the Internet, but the best way to generate them and remember them is by using a software tool like:

• PasswordSafe

or some other password locker One thing to mention at the end of this article is, that you need to hold the passwords on a secure place and not visible to anyone. There is no meaning if you do have a strong password, but it is written on a piece of paper next your computer screen… Have a nice day and see you next time here at Icethunder.net

Namecheap.com ALERT! There’s a phishing scam purporting to be from WhoisGuard. This is NOT from us. Please see more info here: http://community.namecheap.com/forums/viewtopic.php?f=6&t=2793

One small note from my self :

NEVER CLICK ON EMAIL ATTACHMENTS OR LINKS IN EMAIL AS YOU CAN BE NEVER SURE WHO SENT IT TO YOU. EVEN IF IT IS SENT FROM YOUR FRIENDS EMAIL ADDRESS!!!

!!!!!A SMALL DIFFERENCE IN A LINK CAN LEAD TO BIG TROUBLE AND LOSS!!!!!

I know it is easy to say, but trust me you are much safer without clicking on links. Even from friends as malicious software can just sent “blind” emails to contacts from your friends ADDRES BOOK. Even your anti-virus software might not be able to detect it is a scam Always check before clicking on anything.!

The black magic behind aka “the Intro”

As you may or may not know HTTP stands for Hyper Text Transfer Protocol and it’s the protocol you are using when trying to get to a web site. The web server serves HTTP requests and gives clients the proper web sites. The whole idea behind HTTP is, that it’s “plain text” and everything you send this way is not encrypted. All the data you put into a web site starting with HTTP is send “as is” and thus you could lend your password and username to anyone who would be spying on your network!

HTTPS stand for Hyper Text Transfer Protocol Secure and as you might think it is the safer “brother” of  the plain HTTP protocol. Everything you send trough a web site starting with HTTPS is send in an encrypted form and thus it is very complicated for a “man in the middle” to figure out what is the content of the message, but I have to say, that there are ways to find it out! But you can rest assured and as long as there is no “MITM” attack with a fake web site, than you should be secure, but always check if you are o the right web site, the web site authenticated in the reight way and a few more things

What do I need to be able to use HTTPS?

To have the ability to use HTTPS instead of HTTP you need not only to get a web hosting account. You need some more things. First of all ou need to make sure your web host will allow you this feature. To use HTTPS you need to have  a static IP address assigned to your domain as you will need to buy a certificate from a  trusted certificated issuing authority like VeriSign. This certificate holds data about your web site and the IP address and more [this is why you need a static IP] and it ensures, that your visitors know who they are talking to while having a session  with your web site.

[ad#Adsense360]

A static address can be bought from your web host and it can cost you form $1 upwards and this fee is paid mostly on a monthly basis. Make sure to not get with this address on a “black list” as your host could be a little bit angry

Another option is to buy a VPS or a dedicated server where you are assigned a dedicated static address and thus do not need to pay for it, but you have to look after the server yourself.

HTTPS – the requirements:

• static IP address
• certificate from a trusted authority [from $9.99 - $XXX XXX]
  

Regular user point of view

A regular user just log’s into his account from whatever Internet connection and computer he may have at his disposal and does not care that much about security. He just wants to log in to his accounts and check whatever he needs to check. He does not care, but the same regular user is very unhappy when someone has stolen his credit card information or misused his personal data.

After something bad happens to his personal data he blames everyone, but not himself most of the time, but security online starts right where you sit. It’s your responsibility to thoroughly check if your computer does not have any virus, trojans and other kinds of malware. I would say a firewall is a must and regularly updates of the operating system should not be underestimated!

There is a difference between having an anti-virus installed and actually using it for scanning for malware. You should perform at least weekly scans and I would highly suggest at least a “smart scan”, before you perform any financial transaction on the web.

At first it might look like a waste of time, but you never know when this could save you a lot of time, money and nerves!

The security point of view

Everything you are sending over the Internet is sent in  the form of so called “packets”. These packets carry lots of information, and I will not go into the details, but I have to tell you, that they are formatted in a certain way. For the purpose of this blog I just need to show you one important thing.

There are two widely used protocols to access web pages. The first one is HTTP. It’s an insecure protocol and all you send trough HTTP is send in plain text. You log in trough a web site like “http://www.domain_name.com”, which does not use SSL, and you’re sending your data in plain text. Password and username are easily intercepted by a possible attacker!

The second one is HTTPS and the last “S” stands for  “Secure”. What this protocol does before actually sending your data over the wire is, that it encrypts the data and only the other side intended to receive this data is able to decrypt it and to read it. The HTTPS is widely used while communicating with your bank, or wherever you enter your personal information and credit card info.

I would recommend you to always make sure your hosting company uses HTTPS during your sign up, sign in and while you are entering any sensitive information. This way you and your data stay secure while on the Internet

Have a nice day and good luck!

Image: Simon Howden / FreeDigitalPhotos.net

FTP

FTP stand for File transfer protocol and it’s used to access a server, or another computer in a different location. It’s used to transfer files between one or more computers and it’s pretty good at this task. A few years ago it was a standard, and still is, to transfer files and it did not matter what the clients think, or if it’s secure or not.

The problem with FTP is, that it sends all the data in a not encrypted form and this is a big problem! You send all your data to the server and back from the server to your computer in “plain text”. At first sight you could think, why should you care, right? Well, you should care a lot, because your user name and password are send as a plain text as well.

And everything what’s send in plain text is easily intercepted with a  e.g. packet sniffer. It’s even worse if you want to access your FTP account on a public network like a library WiFi. You can not know if there is no one with a sniffer and does not perform sniffing

SFTP

This protocol is what I would use more often if not always if you have such an option. You are sending the data in a secure way. The data is encrypted and thus not asily read, by anyone. There are techniques to decrypt it, but it takes lots and lots of time and computer power. And if you are using a very strong password you should be safe.

[ad#Adsense360]

A strong password should contain at least: 10+ characters and it should include at least one of these different characters a-z, A-Z, 0-9 and a special character like ” / , ? } etc.

Conclusion

You can never be sure about the security of the network link you are using and thus using a secure method instead of an insecure one is always better and it helps to protect what you care about the most – your data!

Hosting company check

The moment you have decided you will go with hosting company X is a very exciting moment, but I think it is worth thinking about the whole “sign up” process very carefully. I don’t tell you to think for a year, but what I am trying to tell you is to really thoroughly check the hosting company before you sign up. the reason for this is, that there are many scam web sites on the Internet and you can not be always sure if you did not arrive at such a web site.

Site link check

After you have checked the web hosting company of your choice and everything is still great, than there is the second step! Make sure you are on the right website. This lesson is very important and you should always check whether you are on the right site. You ask yourself, why would not you be? You clicked the link right?

Well, that’s a nice theory, but you should always check the link in the address bar very carefully to make sure you are not on hostgator.cx.com while you think you are on hostgator.com Sometimes you get an email from a “friend” who recommends you something or you click on a link on a web site and this takes you to the site. You think you are on the right web page while you are on an identical copy of the site, but with a different web address! You enter your personal and financial info and you are in big trouble!!!

Always check the address!!!

SSL or https check

While on the right web site and after a thorough company check the next step I would consider is checking if the company uses SSL encryption during the sign up procedure. SSL transfers secure the whole communication between your Computer and the server of the hosting company. It’s very important and I would recommend to go rather with a host who uses HTTPS, than with one without it!!! All the info you enter into a form while on a  “https://something.com” website is encrypted and thus securely transferred over the Internet. while http traffic is sent in plain text!

[ad#Adsense360]

Another important thing here is to check who issued the certificate and for which company it has been issued. You do this by clicking on the “padlock” symbol in your browser. If the issuer is a trusted authority it’s OK, and it should state that the certificate is issued for company XXX and the domain name “host_domain.com”. If that’s missing or it is different than you should be be very careful and check it out all again from point 1. !!!

Recommendations

• Before actually buying or filling out any form always check the company
• If you enter your personal or financial/bank data anywhere on the website make sure it uses SSL [https in the address bar ]
• Check the issuer of the certificate and for what company the certificate has been issued for
• Check the address on which you are and closely check for any different characters in the address [like hostgator.cx.com is not the same as hostgator.com!!!]

I would also recommend to “bookmark” your web hosts web site in your browser to make your life easier and more secure. If you bookmark a site you are always taken to the same web site, but if you are always typing the whole address you could make a mistake and it could cost you a lot – identity theft, credit card info theft etc. !

Hopefully you liked this article and you will come back soon! Have a nice day and good luck

Well, you are right. This should not be happening to a company dedicated to provide it’s customers with a good level of security and service for their money! These customers are paying for a service and thus should get a satisfying level of service and security to their data. But as we can see in this example they do not have any level of security and their data seems to be visible throughout the database server.

The guy mentions, that while trying to figure out what is happening trough a conversation with the support the conversation was stopped by the support with no real answer to the question if this is usual at this company.

These problems just mean two things:

• Their level of support service is very poor
• Their data policy is really far below an unacceptable level!

I would suggest you to always check if there is not a similar problem going on at your hosting provider. If there is a problem like this try to ask and get some answers, but if they are not willing to clarify You always have te right to go away and find a better service!

I think, that the majority of hosting companies has a really very good level of data handling policy. They know what they are doing, but as you can see in this example there are still the bad apples of the industry with less knowledge than required, or not willing to help if there is a problem.

The best strategy is not to hide themselves or shut down the conversation, but to assist the client and look for the solution. One thing is to get the client to pay the bill, the other is to provide a service for the money!

The thread can be found here: http://www.webhostingtalk.com

Shared web hosting is pretty simple. Your web hosting company sets everything up and you do not have to worry about anything. If something goes wrong you email your support center and wait ’till they take a look into the problem and solve it for you. You are provided with a nice control panel from which you can change pretty anything related to your hosting package, your web site etc. Setting up a mail account or adding a new website is just a few mouse clicks away… . You think to yourself that it’s pretty easy and thus after a while you decide, that you would like to move on to a bigger challenge and you want more security and elasticity. You go to VPS and your nightmare starts pretty quickly – if your knowledge of web servers, server operating systems and security is not on the required level.

You need to understand, that there are two options you could go:

• Managed VPS

• Unmanaged VPS

And they both differ in the depth of support you will get from your hosting provider. If you are not that good at servers and you do not have the nerves to make mistakes and learn something extra, or you need your web site online as fast as possible and do not want to be responsible for it’s uptime, than the MANAGED VPS solution is just for you! But if you want to be responsible and you think you are able to manage it than go with Unmanaged

Talking with your VPS

I think, that many of you know there are two options how you could talk to your VPS or any other server. One of them is the secure way and the other is the insecure way and I can tell you NEVER use the insecure method! The insecure method is called TELNET and you should definitely disable it. There are some options how to perform it – block it’s port in iptables [firewall], remove it entirely or just shut the service down.

[ad#Adsense360]

The more secure way is to use the SSH and configure it so, that it does not match the default configuration of ssh. That is good, because people know the defaults, but it’s harder to guess the changed settings and you make the life for an intruder harder

Valuable SSH settings changes:

• Change the default port to something different – default value is 22 and thus change it to something different. You can use any number above 1023 and less or equal to 65535.
• You should make the SSH to listen only on one of your IP addresses assigned to your server
• It is always a great idea to create a new user and add assign him SUDO rights. After this you should disable direct root logins.
• You should not run a desktop environment on your VPS as it opens too many hole and it’s not good for security and you really do not need it…

I will try to update this post with some example configurations i the coming days Until than – have a nice day and good luck!

Linux newcomer and a Windows kid?

And here comes my piece of advice. If you are only a desktop user and the majority of your life has been spent by you figuring out how Windows XP/Vista works and it’s only a couple of months or years you decided to change to Linux and enjoy the freedom it offers you need to make sure you do not experiment on the distro you will use on your brand new VPS.

I have a few valid reasons to tell you this, as many times it’s not the fault of the hosting provider that something goes wrong. Many times it’s Us – the users – who are responsible for the faulty functioning of our VPS. We make mistakes – we are humans - but at the same time we are many times not ready to admit we did something wrong or we do not understand something in such a depth as needed or required and thus we make some mistakes. And then we blame the provider… .

Do not try to shift to a VPS if you do not really understand the risks and what it takes to manage and administer an own server. It will turn to be only a painful experience for you and your provider and you can ruin their reputation or your own as well. If you decide to go with an unmanaged VPS provider always choose an Operating System you really understand and know how to administer.

[ad#Adsense360]

While being hosted by a shared hosting company you might feel it is pretty simple and thus you decide to go to VPS and be your own resources and limit boss, but it’s the most stupid idea you might get if you are not that good at Linux, servers, security and many other things required to manage your own web server.

If you are only a Windows kid and you have not used a Linux server before and you do not have the know how – do not even try to go to an unmanaged VPS as it is a waste of time and resources… .If you are a Linux guy and use Linux on a daily basis – you might try it, but trust me -> a desktop is nothing – no real security or anything. A server is just such a different thing and it needs daily care and staying up to date with security risks, updates and new threats is really exhausting – particularly if you have a popular web site!

The rules, or my recommendations:

• Always use only a Linux distro you understand and know how to use it!
• Regularly update your OS
• Always try to learn and develop your skills!
  
• There is nothing like an  absolutely secure server – there only those secured and unsecured ones…
• The placement of some configuration files differs between Linux distro and some commands do too!!!

Hopefully this quick article gave you something to think about before making a rush decision and go the bad direction Have a nice day!

From time to time you might decide you want to take security one step further and you just create a “password protected” directory and thus only people who know the password should have access to it’s content. So far so good, but this is only a theory. In fact you are hosted on a shared server and as we already know – or as we should know – you are not a super user [root], but only an ordinary user on the shared server.

Thus you can protect a directory so other shared “users” don’t have access to your protected directory, and only people who know the password have access to it, but there is still one person who has access to it and can do anything to it if he wants or needs to! It’s the hosting company and they have on each machine a root user account. It’s the well known super user. This user can change permissions for every user on the system. He can change passwords not only for himself, but for any user on the system. He can change pretty anything he wants to!

Your data is secure and there is no need to panic. I just wanted to make sure you understand, that in the shared hosting environment you are still only a user of the server and have only a restricted set of permissions. In shared hosting there is always someone with higher permissions that your own account – the super user. The hosting company might use it to troubleshoot your problems and help you out!

[ad#Adsense360]

But you need to be careful and choose what you upload and what you do not, because you have to trust your host that he does not accidentally or intentionally misuses your data! Thus always read the Terms of Service and Privacy policy, or any applicable policy;)

If you want to worry about something worry about the search engines and bad set up of your web site installation, which might reveal some things you don’t want to be revealed Try to read about how to make Joomla! or WordPress more secure & search engines proof

Have a nice day and enjoy today’s nice sunny weather, at least where I am it’s sunny Well, and don’t be shy and leave a comment about this topic if you have something to say about it!

FTP

This shortcut stands for file transfer protocol and it’s the protocol you will use when uploading data to your web space or downloading them from your web space to your personal computer. I can not say, that you will use FTP, because many times today even hosting companies started to understand, that FTP is not a very secure way of accessing a clients web space and they tend to provide you with the more secure alternatives to a plain FTP session.

What a FTP client does is it contacts the server you “ordered” it to contact. It logs in to the account with the credentials you give it and it helps you organize your web space. The whole idea behind FTP is pretty simple and it is “very” lightweight. It sends data from and to your computer without any changes done to it either before or after the transfer.

The big problem with a FTP transfer is it’s insecure nature. FTP is lightweight and thus it lacks something. And this “something” is the security. You send data on “as is” basis. What you click to upload/download i sent over the wire in an unencrypted way. It’s send in a “plain” format. Even your login credentials to your FTP account are sent in an unencrypted form and this makes this type of file transfer absolutely insecure.

If you are on a free Wifi network – even if it’s encrypted – you should never connect to a FTP server you don’t want anyone else to have acces to! If you are not sure about the security of your network, or you simply do not want to take the risk, than look for an alternative. Many hosting providers today offer you the alternative to use a “Web based file uploader”. The popular Cpanel control panel has this feature, too. You can see an example of a control panel in the picture

Web based files uploader

This method is most of the time very secure as you are using it within your own control panel session and if your host offers the control panel as HTTPS than there is a big chance that even your File uploader will be in HTTPS mode But you need to check it out, before trusting this my words. My provider does it, but it could be different with your! It’s on a host to host basis.

The SFTP access

I don’t think, that many shared web hosting providers would allow you the use of SSH, but I think that there are many who would allow you to use the SFTP protocol. SSH is not that useful in a shared hosting environment as you are not in charge of the server, but there are some companies who offer it.

SFTP stands for secure FTP and as you might guess it is the safer alternative to FTP. The data and your login info are sent over the wire in an encrypted format and it’s hard for the possible attacker to track your communication [ if you don't use SFTP for an upload lasting 24/7...].

[ad#Adsense250]

With SFTP you can be sure that your data is not visible and thus even using your SFTP on a less secure network should not be such a problem. Although there might be problems like MIM attacks etc., but generally the SFTP is the secure way to access your web space

The data you send over the wire is encrypted before they are sent and it is decrypted after it is received by the other end. The encryption and decryption is the black magic behind the scenes, but for you as the end user it is not that important. The important thing is that it is secure and it takes longer than a plain FTP session, but it’s not like it takes 1 hour for SFTP and 15 minutes for an FTP. It’s just a question of a few seconds and most of the time you even don’t realize the difference.

FTP/SFTP clients

Up until now we talked about the protocols and their use in web hosting. Now I would like to give you a few links to some of the clients you could use to upload or download data from/to your server. I would suggest, that the site to go is download.com as there are tons of software there and its just up to you what you choose. there are even very good Trial version of some very reliable FTP clients, but you do not have to pay to get a great FTP client!

download.com – This link provides you with the most downloaded FTP clients on download.com

Filezilla – the ultimate free FTP client  – it supports many protocols [FTP/SFTP ]

Softpedia – This site offers some good programs, too

Hopefully this article helped you Have a nice day and coe back soon!

Fake review sites

I would say, that a very easy way to determine whether a review site is fake or not is to look at their reviews… Too many great reviews, and reviews of only the biggest hosting companies is a good sign. Big hosting companies do have the money to pay high affiliate money and thus these “review sites”, as they like to call themselves, like to post reviews about these hosting companies. They make a good review, although they never had a package with them, and post a few “customer experience reviews/comments” after their review. It places very well in a Google search [they use SEO techniques to make the rank high] and then you read this review, click the link that appears just under/over/on the side of the review and they make profit… They most of the time don’t care about your bad experience after you buy a package… They have made money, this is what matters for them!

To make sure you will not get caught into this is to use more than one review site, but be prepared that many sites are owned by one person/company and thus you can find a site named XY and than one named ZX and all the reviews and comments are the same…

The big help here are the hosting forums. On the forums you will be able to find many people ready to give you their opinion on different companies and many of them do have real experience with more than just one of them! The more members a forum has the more trustworthy it should be! What’s even better is, that you could meet some hosting company owners on these forums and ask questions directly! My favorite forum is webhostingtalk.com, but there are more of them. Just make a Google search for “hosting forum” or “webhosting forum” and you should get some good results!

Fradulant offers & Fake hosts

These are hard to uncover, but you can still do it! It just needs your active work. The easiest way to find out whether a company is good and reliable is to ask [once again] at forums. There are many people able to help you and many of them do have the KNOW-HOW to find out whether a company is trustworthy or not. I would like to mention, that many times some people from the “hosting business” do know each other and thus could give you valuable info about other companies!

[ad#Adsense250]

One very important thing o remember [ok, some very important things] is you should always make sure, that the website you are entering your personal data into is encrypted! This means your data [credit card number, name+surname, address etc.] are transmitted over the Internet in a secure way! You can find this out by looking at the address bar of your browser. The address should start with HTPPS:// and I would personally never go with a company not using a https secured transmission during sign up.

Well, today I jut wanted to make sure you will not get into trouble on your search. It is great to find a web host with cheap prices and one who fits your needs, but always be prepared to make sure you are going the secure road! Check HTTPS during sign up, check your future host at forums and try to figure out some own techniques on how to make yourself more secure!

You can leave some of your ideas about this topic in the comment area, or you could leave some of your own experience Have a nice day!

The issue I will discuss here did change this as this is a very common issue. In fact this is a very crucial one, because your web site is a very important thing to most of you. You regard it as a investment and you want it to be online 24/7/365. And still there are people who just put their web site online and do not perform two basic tasks. These two tasks could safe them a lot of problems if any issue would pop up somewhere on the road, but many times one of these two is not present or even none of them is… .

I am talking about Regular BACK UPs and Web Site MONITORING. These two actions can safe you lots of money, nerves and problems. And I did not mention that they could safe you a lot of valuable data important for your business/project/online life etc.

Regular back ups

Your web site is full of data and one day something bad happens. A disk gets broken or your host did something wrong during a server migration and all your data is lost, because they do not have a back up. And the first thing you do is to go to a  forum and complain, right? No, because if you would really think your data is of high importance to you you would perform regular back ups.

I would recommend making a day to day back up. This way you would not need to worry about anything being lost. If your site is updated every day and new stuff appears on it every day, than  a daily back up should be a must. If your web site does not get so much fresh content or it is just a static web site without any input at all, than you will be fina with weekly or monthly backyps too.

WordPress, Joomla or Drupal and other CMS do have a plugin, addon or feature to back your web site and send it to your email or download it directly to your home computer. If you are using a “home made” solution or  simple html web site you could back your whole /home directory. If you are using a database than a database back up is important too!

[ad#Adsense250]

Most of the time the way you will be able to back your web site up depends on what technology you are using. If you are not the site administrator of your web site, and are just the owner,than ask your admin to perform regular back ups.

Web site monitoring

Another important thing to not forget is to monitor your own web site. You could subscribe to your own RSS feed [if you have one], but it would be more effective to use a tool like mon.itor.us/ and set it up accordingly. There are lots of tools to use on the Internet and Google can give you a lot of answers.

Try to use this Google search phrase: web site monitoring and there should be plenty of great links to help you monitor your web site’s uptime and much more. The reason why it is so important to monitor your own web site is to make sure it’s up and running and does not have downtime. If you web site has downtime you are loosing money, readers or both. It’s definitely worth to monitor your own web site to make sure everything works the way you want it to work.

Hopefully this article gave you something to think about and the next time a disk gets broken you will be ready and have your own back up version of your web site so no problems will occur. Have a nice day and do not hesitate to leave a comment or question in the comments area related to this article.

All these passwords – even the best ones can be cracked very easily. You write them down on a piece of paper and you lose it. Or the passwords is easily associated with your person… . There are so many options. In the recent time social engineering has become a very common way how to get a persons password. They send you a targeted [or less targeted] mail and want you password. They seem legitimate and you give your password away. If you would use only one password for several account you would be in big troubles! And this is the reason why to use several hard to guess passwords… .

Using several passwords make you less vulnerable. It does not expose you to a complete attack and a disaster after it does not need to occur. But there is still one line of defense you need to consider. Using your passwords on the Internet is not always safe. I know you authenticate yourself by providing your user name and password combination, u the problem here is, that even though it looks safe it is not.

Well, it is as long as the site you try to communicate with has a SSL certificate. This means your communication with this site is encrypted. But there are still many web sites, that do not use SSL encryption for password authentication and this makes even the best password unprotected from an attack called Packet Sniffing. The attacker sniffs on the network and can easily see the conversation on the network. He sees the packets and their content and yo can be sure he sees your password.

[ad#Adsense360]

This is why yo should not try to connect to insecure accounts on AirPorts or on any unprotected Wifi hot spot. It might look secure, but it is not. Using FTP while on an insecure Wifi connection is equal to disaster… This is why yo should always try to look for companies offering SFTP or a online Web Site upload manager, because these are secured. It is better to use a SSL secured imap connection than just a plane one.

Just think about how many times you did not think about this. Imagine how many times your password could be compromised! And now go and change this password, else you may not even know who else uses your accounts while you are offline!

This is the last article I will dedicate to security and hopefully you now know it is always better to enforce a good security policy, than to blindly believe you are secure. If you have any comments just leave them under the article and I will try to response to them Have  a nice day.

I know it is very convenient to use one password on all the services I know using a simple password makes the life of a person easier. I know that writing a hard password on a piece of paper gives you the ability to remember it and to not forget it. I know…., but you should realize, that this is the wrong way.

An easy to guess password is worth nothing. It does not mean it is short, but rather it is very easily “cracked” if you have got the knowledge about the person whose password you are trying to guess there is no problem to guess it. There are dictionary attacks and easy to guess passwords will never stand this kind of attack. In fact even hard and good passwords will be cracked eventually, but it will take a long time and online services do have policies to prevent numerous password attempts and might suspend the account etc.

But do not forget, that the most important thing to prevent your password to be cracked is to use a hard to guess password. Such a password should consist of not only numeric or alphabetical values, but should be a mixture of special characters, alphanumeric values both lower and upper case. It is good to use a password 8+ character long!

There is still the one thing you might say: How should I remember such a hard password? Well, if it looks hard to you , than it is great, because it is even harder for others, too There are programs out there, that help you to remember those passwords! And you do not have to worry about tons of passwords. You just need to remember one”master password” that unlocks them all!

[ad#Adsense360]

You might ask how this relates to hosting… Well, while working on your project you need to come up with many passwords. You need to create passwords for “emails, databases, web sites, ftp accounts etc.” And with so many passwords you might start using just one or two for most of them and this is a bad habit. It’s bad because if a “bad guy” cracks one, he knows all of them!

The whole idea of this article was to tell you about PASSWORD SAFE. There are tons of products out there, but this seems to be a good option for any Windows user. It is easy to use and it helps you to keep all your passwords at one place. You do not even need to be afraid of anyone being able to read them they are all encrypted in a  safe password safe file. Only who knows the master password is able to read and use them.

This and similar passwords provide you with these options:

• Your passwords are safely stored in an encrypted file and thus you need to remember just one password

• Those programs are able to generate a password for you if you want so you do  not need to ‘generate it” yourself
• You can tell the program what characters to use [upper/lower case, numeric, alphabetical, special characters] and also the length of the new password generated
• These programs allow you to copy and paste your password easily into different forms
• The saved files are not large files [depends on the amount of passwords stored...]

…and more. Do not forget, that features depend on the program you use! Hopefully this article help you to think about security and gave you some answers. You can post your comments and we can talk about this topic more Have a nice day.