Often times when creating or entering a new password, WordPress will determine that they are ‘too weak’ to allow.  It can seem random even if you think your password is pretty secure.  When it comes down to it, your website should be as secure as possible and will help prevent it to be hacked or come under brute force attacks.

The solution?  Make sure you’re are using secure, strong passwords.  I’ve also come across some passwords that seem strong, but are considered ‘weak’ by the algorithm WordPress uses.

There are a few reasons for this.  Wordpress is using Dropbox’s zxcvbn library to help determine the strength of passwords.  Therefore, it is using a smarter system that ensures stronger passwords.  Here are a few examples of how a password may get a ‘too weak’ rating:

Passwords that use ‘l33k speak’ (ie. using a 3 for an ‘e’, 1 for ‘i’, etc. / having your password be “G00dm0rn1ng”) or if WordPress perceives it as l33k speak it may come back as ‘too weak.’

Passwords may also get a ‘too weak’ rating based on the password’s entropy.  This has to do with patterns of a password and how many times a password can be broken down (and therefore hacked faster.)  It’s a little too long to get into here, but here’s an article if you want to read more about the zxcvbn library and WordPress password algorithm.

What are your password options?

After determining that we are going to enforce the use of WordPress-level strong passwords, this only leads us to two options.

  1. An administrator of the site can ‘overwrite’ a password of any strength.  If you determine it is ‘strong enough,’ you can change your password.
  2. You can use various tricks to create a stronger password.  Sometimes it can be as simple as adding an extra character, capitalizing or using a variation on l33k speak.  For your convenience, we’ve compiled a list below of links to help you create a strong password that you can remember.

Other Tips / Tricks For Making A Password Secure

There are some fun, easy ways to make your password secure while making it complicated and long.  Most of the time we have simple passwords because we can remember them.  Unfortunately, most of the time, if we can remember them then they can come under scrutiny with a brute force attack.

Password From A Sentence

People are much better at remembering sentences and song lyrics than they are remembering random letters, numbers, and symbols. One trick to creating a strong password is to take the first letter of every word in a long and memorable sentence and then add upper and lower case letters, numbers and a few symbols to produce your password.

Are you a fan of the Beatles? Then try this: “Yesterday, all my troubles seemed so far away / Now it looks as though they’re here to stay / Oh, I believe in yesterday”, which in password form converts to “Y,amtssfa/Nilatt’h2s/O,Ibiy”. Simple enough, right?

Another good example of this trick is to use a personal statement such as “Don’t forget, your wedding anniversary is on October 3rd!”. The password then becomes “Df,ywaioO3rd!”. There are endless ways to build highly secure and easy to remember passwords using this trick.

via SkyHighNetworks

Create A Constellation

Your keyboard is a blank canvas, ready to help you create your strongest password yet. Draw patterns meaningful to you across the keyboard, including letter and numbers (using your imagination, not permanent marker). The shapes could be your initials, your first name, or a geometrical shape like your favorite constellation to create your password of choice.

via SkyHighNetworks

More Methods

Buffer has some more methods to ensure you’re using a secure password.  Click here to view some more methods. : )

Here’s another generator & tips from The Best VPN.