{"id":4707,"date":"2014-02-13T12:51:37","date_gmt":"2014-02-13T18:51:37","guid":{"rendered":"https:\/\/wpengine.com\/?p=4707"},"modified":"2026-01-26T02:36:52","modified_gmt":"2026-01-26T08:36:52","slug":"problem-passwords","status":"publish","type":"post","link":"https:\/\/wpengine.com\/resources\/problem-passwords\/","title":{"rendered":"The Problem with Passwords"},"content":{"rendered":"<p>Do you have trouble remembering all of your passwords? Do you reuse the same ones on different sites?<\/p>\n<p>Most of us commit password security sins, despite the fact that we know we shouldn\u2019t. This is because it just seems too hard to keep up with all of the passwords we\u2019re supposed to remember.<\/p>\n<figure id=\"attachment_4708\" aria-describedby=\"caption-attachment-4708\" style=\"width: 740px\" class=\"wp-caption aligncenter\"><a href=\"http:\/\/xkcd.com\/936\/\" target=\"_blank\" rel=\"noopener\"><img loading=\"lazy\" decoding=\"async\" class=\"size-full wp-image-4708\" title=\"XKCD password strength \" src=\"https:\/\/wpengine.com\/wp-content\/uploads\/2014\/02\/password_strength-xkcd.png\" alt=\"xkcd comic about password strength\" width=\"740\" height=\"601\" srcset=\"https:\/\/wpengine.com\/resources\/wp-content\/uploads\/2014\/02\/password_strength-xkcd.png 740w, https:\/\/wpengine.com\/resources\/wp-content\/uploads\/2014\/02\/password_strength-xkcd-300x244.png 300w, https:\/\/wpengine.com\/resources\/wp-content\/uploads\/2014\/02\/password_strength-xkcd-177x144.png 177w, https:\/\/wpengine.com\/resources\/wp-content\/uploads\/2014\/02\/password_strength-xkcd-698x567.png 698w\" sizes=\"auto, (max-width: 740px) 100vw, 740px\" \/><\/a><figcaption id=\"caption-attachment-4708\" class=\"wp-caption-text\">XKCD Password Strength<\/figcaption><\/figure>\n<p>But what if there was an easier way?<\/p>\n<h3>Problems With Passwords<\/h3>\n<p>There are a number of problems with passwords:<\/p>\n<ul>\n<li><a href=\"http:\/\/blog.getclef.com\/your-wordpress-password-isnt-good-enough\/\" target=\"_blank\" rel=\"noopener\">Most of us choose bad passwords<\/a>.<\/li>\n<li>Passwords are hard to store safely.<\/li>\n<li>People reuse passwords on multiple sites\u2014if one service stuffs up (because they are hard to store!) and exposes your password, multiple accounts across a number of service can be compromised.<\/li>\n<li>Passwords can be hard to pass safely.<\/li>\n<li>The longer you have a password, the less safe it becomes.<\/li>\n<li>Every password that falls to hackers <a href=\"https:\/\/wpengine.com\/blog\/staying-one-step-ahead\/\">feeds the botnet monsters<\/a>, and makes the rest of us less safe.<\/li>\n<\/ul>\n<p>I recently chatted to <a href=\"https:\/\/twitter.com\/brennenbyrne\" target=\"_blank\" rel=\"noopener\">Brennen Byrne<\/a>, CEO of <a href=\"https:\/\/getclef.com\/\" target=\"_blank\" rel=\"noopener\">Clef<\/a>\u2014a 2-factor authentication plugin for WordPress\u2014who explained:<\/p>\n<blockquote><p>Our memories just won\u2019t compete with computers in the long run. Computers are getting better at cracking them [passwords] a lot faster than we are getting better at remembering them.<\/p><\/blockquote>\n<h3>Possible Solutions<\/h3>\n<p>Okay so if passwords are so risky, what can you do about it?<\/p>\n<ul>\n<li><a href=\"http:\/\/en.support.wordpress.com\/selecting-a-strong-password\/\" target=\"_blank\" rel=\"noopener\">Select a strong password<\/a>.<\/li>\n<li><a href=\"http:\/\/wordpress.org\/plugins\/limit-login-attempts\/\" target=\"_blank\" rel=\"noopener\">Limit password login attempts<\/a>.<\/li>\n<li><a href=\"http:\/\/blog.getclef.com\/category\/whats-that\/\" target=\"_blank\" rel=\"noopener\">Learn about Two-Factor Authentication<\/a>.<\/li>\n<li><a href=\"http:\/\/torquemag.io\/two-factor-authentication-in-wordpress\/\" target=\"_blank\" rel=\"noopener\">Consider various WordPress-security plugins that are available<\/a>.<\/li>\n<li>Consider <a href=\"https:\/\/lastpass.com\/features_free.php\" target=\"_blank\" rel=\"noopener\">options for storing and sharing multiple passwords securely<\/a>.<\/li>\n<li>Choose your hosting carefully (WP Engine has a team, in partnership with Sucuri, that invests a lot of time and effort to <a href=\"https:\/\/wpengine.com\/blog\/staying-one-step-ahead\/\">stay ahead of attackers<\/a>).<\/li>\n<\/ul>\n<h3>\u201cWe\u2019re All In This Together\u201d<\/h3>\n<p>As <a href=\"http:\/\/wptavern.com\/large-bruteforce-attack-against-wordpress-sites-starting-to-subside\" target=\"_blank\" rel=\"noopener\">recent reports have stated<\/a>, the problem of hack attempts and general security attacks against WordPress sites is only going to get worse.<\/p>\n<p>And, as explained by Brennen from Clef:<\/p>\n<blockquote><p>It\u2019s really important for us as a community to think about ways to increase the base level of security. We\u2019re all in this together.<\/p><\/blockquote>\n<p>Some people think we should get rid of passwords altogether, and have formed the Petition Against Passwords, whose mission statement begins:<\/p>\n<blockquote><p>The mission of the Petition Against Passwords is to collect every frustrated yell at forgotten passwords and make sure the organizations responsible hear them. This movement is working on behalf of every person who has ever had their identity stolen, their password leaked, or been confused just trying to remember passwords and PINs for multiple sites. There are better ways to log in online and it is time we had access to them. The Petition Against Passwords is about giving us a voice in the conversation about how our identities are shaped online.<\/p><\/blockquote>\n<p>It will be interesting to see whether passwords disappear over the next few years, as we all start to move to alternative security measures.<\/p>\n<p>Either way, it is important that all of us are thinking about our password security for our own sake\u2014as well as for the safety of the WordPress community as a whole.<\/p>\n<p><em>Have you thought about the security of your passwords lately?\u00a0<\/em><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Do you have trouble remembering all of your passwords? Do you reuse the same ones on different sites? Most of us commit password security sins, despite the fact that we know we shouldn\u2019t. This is because it just seems too hard to keep up with all of the passwords we\u2019re supposed to remember. But what<span class=\"tile__ellipses\">&hellip;<\/span><span class=\"tile__ellipses--animated\"><\/span><\/p>\n","protected":false},"author":43,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[85],"tags":[128,198,200,199,37],"class_list":["post-4707","post","type-post","status-publish","format-standard","hentry","category-security-2","tag-bots","tag-passwords","tag-security-plugins","tag-two-factor-authentication","tag-wordpress-security"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v20.9 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>The Problem with Passwords | WP Engine<\/title>\n<meta name=\"description\" content=\"It is important that all of us are thinking about our password security for our own sake\u2014as well as for the safety of the WordPress community as a whole.\" \/>\n<meta name=\"robots\" content=\"noindex, follow\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"The Problem with Passwords | WP Engine\" \/>\n<meta property=\"og:description\" content=\"It is important that all of us are thinking about our password security for our own sake\u2014as well as for the safety of the WordPress community as a whole.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/wpengine.com\/resources\/problem-passwords\/\" \/>\n<meta property=\"og:site_name\" content=\"WP Engine\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/wpengine\" \/>\n<meta property=\"article:published_time\" content=\"2014-02-13T18:51:37+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2026-01-26T08:36:52+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/wpengine.com\/resources\/wp-content\/uploads\/2014\/02\/password_strength-xkcd.png\" \/>\n<meta name=\"author\" content=\"Kirby Prickett\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@wpengine\" \/>\n<meta name=\"twitter:site\" content=\"@wpengine\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Kirby Prickett\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"3 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/wpengine.com\/resources\/problem-passwords\/\",\"url\":\"https:\/\/wpengine.com\/resources\/problem-passwords\/\",\"name\":\"The Problem with Passwords | WP Engine\",\"isPartOf\":{\"@id\":\"https:\/\/wpengine.com\/resources\/#website\"},\"datePublished\":\"2014-02-13T18:51:37+00:00\",\"dateModified\":\"2026-01-26T08:36:52+00:00\",\"author\":{\"@id\":\"https:\/\/wpengine.com\/resources\/#\/schema\/person\/c213f847f3c54a62b7317ffed1e0e652\"},\"description\":\"It is important that all of us are thinking about our password security for our own sake\u2014as well as for the safety of the WordPress community as a whole.\",\"breadcrumb\":{\"@id\":\"https:\/\/wpengine.com\/resources\/problem-passwords\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/wpengine.com\/resources\/problem-passwords\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/wpengine.com\/resources\/problem-passwords\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/wpengine.com\/resources\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"The Problem with Passwords\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/wpengine.com\/resources\/#website\",\"url\":\"https:\/\/wpengine.com\/resources\/\",\"name\":\"WP Engine\",\"description\":\"Managed Hosting for WordPress\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/wpengine.com\/resources\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/wpengine.com\/resources\/#\/schema\/person\/c213f847f3c54a62b7317ffed1e0e652\",\"name\":\"Kirby Prickett\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/wpengine.com\/resources\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/80934d05f5916556009a6c93f9627051c8aa8780a259aeb5a601e2933493dc26?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/80934d05f5916556009a6c93f9627051c8aa8780a259aeb5a601e2933493dc26?s=96&d=mm&r=g\",\"caption\":\"Kirby Prickett\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"The Problem with Passwords | WP Engine","description":"It is important that all of us are thinking about our password security for our own sake\u2014as well as for the safety of the WordPress community as a whole.","robots":{"index":"noindex","follow":"follow"},"og_locale":"en_US","og_type":"article","og_title":"The Problem with Passwords | WP Engine","og_description":"It is important that all of us are thinking about our password security for our own sake\u2014as well as for the safety of the WordPress community as a whole.","og_url":"https:\/\/wpengine.com\/resources\/problem-passwords\/","og_site_name":"WP Engine","article_publisher":"https:\/\/www.facebook.com\/wpengine","article_published_time":"2014-02-13T18:51:37+00:00","article_modified_time":"2026-01-26T08:36:52+00:00","og_image":[{"url":"https:\/\/wpengine.com\/resources\/wp-content\/uploads\/2014\/02\/password_strength-xkcd.png"}],"author":"Kirby Prickett","twitter_card":"summary_large_image","twitter_creator":"@wpengine","twitter_site":"@wpengine","twitter_misc":{"Written by":"Kirby Prickett","Est. reading time":"3 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/wpengine.com\/resources\/problem-passwords\/","url":"https:\/\/wpengine.com\/resources\/problem-passwords\/","name":"The Problem with Passwords | WP Engine","isPartOf":{"@id":"https:\/\/wpengine.com\/resources\/#website"},"datePublished":"2014-02-13T18:51:37+00:00","dateModified":"2026-01-26T08:36:52+00:00","author":{"@id":"https:\/\/wpengine.com\/resources\/#\/schema\/person\/c213f847f3c54a62b7317ffed1e0e652"},"description":"It is important that all of us are thinking about our password security for our own sake\u2014as well as for the safety of the WordPress community as a whole.","breadcrumb":{"@id":"https:\/\/wpengine.com\/resources\/problem-passwords\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/wpengine.com\/resources\/problem-passwords\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/wpengine.com\/resources\/problem-passwords\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/wpengine.com\/resources\/"},{"@type":"ListItem","position":2,"name":"The Problem with Passwords"}]},{"@type":"WebSite","@id":"https:\/\/wpengine.com\/resources\/#website","url":"https:\/\/wpengine.com\/resources\/","name":"WP Engine","description":"Managed Hosting for WordPress","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/wpengine.com\/resources\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-US"},{"@type":"Person","@id":"https:\/\/wpengine.com\/resources\/#\/schema\/person\/c213f847f3c54a62b7317ffed1e0e652","name":"Kirby Prickett","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/wpengine.com\/resources\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/80934d05f5916556009a6c93f9627051c8aa8780a259aeb5a601e2933493dc26?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/80934d05f5916556009a6c93f9627051c8aa8780a259aeb5a601e2933493dc26?s=96&d=mm&r=g","caption":"Kirby Prickett"}}]}},"acf":[],"_links":{"self":[{"href":"https:\/\/wpengine.com\/resources\/wp-json\/wp\/v2\/posts\/4707","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/wpengine.com\/resources\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/wpengine.com\/resources\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/wpengine.com\/resources\/wp-json\/wp\/v2\/users\/43"}],"replies":[{"embeddable":true,"href":"https:\/\/wpengine.com\/resources\/wp-json\/wp\/v2\/comments?post=4707"}],"version-history":[{"count":0,"href":"https:\/\/wpengine.com\/resources\/wp-json\/wp\/v2\/posts\/4707\/revisions"}],"wp:attachment":[{"href":"https:\/\/wpengine.com\/resources\/wp-json\/wp\/v2\/media?parent=4707"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/wpengine.com\/resources\/wp-json\/wp\/v2\/categories?post=4707"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/wpengine.com\/resources\/wp-json\/wp\/v2\/tags?post=4707"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}