A good password to is made up of 3-4 words with a mixture of case, numbers and punctuation (e.g. BIG@66Green!Monkeys).
The two main reasons this is a good combination:
- Easier to remember and completely random.
- The number of bits in the characters will insure that if a brute-force method is used to gain access to the account, that it would take about 374 trillion years to unencrypted.
Test to see how secure your password is: www.howsecureismypassword.net
What is a Brute-force attack?
A brute-force attack is when a malicious user tries to gain access to a password protected page or directory.
Malicious users can try to access services by using different methods.
- Guessing the password any number of times.
- or by using software to enable unauthorized access.
Most of the time it tends to be normal users that have forgotten their password and try to access their account unsuccessfully.
This would depend on your set-up and the software your site is using.
A general rule is to always keep the software your site is using up to date - Content Management System, Programming languages and frameworks and to keep all passwords strong.