Administrator Passwords Password Security


Most web applications contain some sort of system for controlling data input into the site. This is often in the form of an administrator's control panel, or database access of some sort. While a short and simple password for this may make debugging quicker, on a production system it is very important that these systems have a secure password.

Systems that need securing with complex passwords include the following:

When creating websites for clients, you may often retain access to these things in order to support your application, or you may be hosting the site for them on your own systems. This means you are responsible for the security of that site and any data on it. If that includes customer data such as names, addresses, or even bank details for an e-commerce site, losing the details could be devastating for the customers and your client, and you may be liable. You will need to show that you took appropriate steps to ensure the site was secure.

There will be more about password security later in this chapter, but for now, have a look at this comic from the famous XKCD, which shows how to make your passwords properly secure.

Password Strength