Discussing topics like online privacy and internet security is never fun, although it has become absolutely necessary to do so. We all know basics like creating and using secure passwords and the importance of periodically changing our login information. But when it comes to your website or blog, do you know all the places you need to change your password or login credentials?
I’ve been online for almost 5 years. My first internet address pointed to a free Blogger blog. Once I got serious about my online efforts, I hired an experienced web developer to transfer my site from Blogger to a self-hosted WordPress site. While I didn’t do any heavy lifting in the transfer process, there were several steps of the conversion that required me to follow specific directions she gave me, like logging into my host to enter nameserver information.
Little did I know that that experience, coupled with using my host-provided email accounts, would open my eyes to how many different “moving parts” there are to having a website on the internet.
– – – – –
How many of you have hired someone to redesign your website, transfer platforms or create a brand new site from scratch? Next, how many of you know all the places besides your website or blog dashboard there are to log in to some part of your site?
If you think your dashboard is it, you’re in for a surprise.
To be clear, I’m not trying to scare you. Nor do I think you are at fault if you aren’t sure of all the places that someone could access the “guts” of your website. It’s pretty common that we work with clients who had a designer or developer turn over their website or blog to them with only a username and password for their dashboard.
And if the expert who set you up on your new site didn’t mention anything else, you’d have no reason to think there are other places to be aware of.
We recently started working with a client who had a pretty significant falling-out with his previous developer. When his site wouldn’t load one morning, he called me concerned that an image change he asked me to make on one of his pages is what took his site offline. As I explained to him that me logging into his WordPress dashboard to make a text or image change to a post or page wouldn’t cause the site to go down, I began asking him about what company (or companies) had his domain and hosting. It was through that discussion that he learned there are other places for someone to log in to his site – like his panel and FTP – and that those other places are where all the guts of his site are located.
After a quick call to his host company, he was able to run a back-up of his site, and also change the login information in the places he hadn’t known even existed prior to that morning. I’m glad to say his site being down was only a temporary glitch (which is something that happens occasionally to all websites, regardless of your host company). I’m also glad, in a way, that it happened. Because if it hadn’t, he still be at a pretty severe – yet unknown – risk level, jeopardizing his entire web presence.
So, learn from our client’s example and find out where your domain and website are located, and the login credentials for them. Then change them to something new and that only you know. You’ll have done yourself a really important favor and dramatically improved your level of website security.
*Photo credit paul.orear
I only know of one password on my website, if someone redesigns it for me, how will I know how many things I need to change. I did lose a whole site before and the designer never knew what happened, but he quit this business right before it happened.
I’d recommend you contact the company you pay to host your website. Also, do you know if your host is also where your domain registration is at?