Humanity has three methods of implementing security and authenticating themselves to a system:
- Something you know: This refers to a password, PIN or some other knowledge that is kept secret from others that the system knows and can authenticate the user by.
- Something you have: The best example of this type of authentication is a debit card or ATM card. The card carries information that it shares with the system, but it must be present and readable for the user to interact.
- Something you are: This method refers to a distinguishing characteristic of the user themselves. A fingerprint is probably the most popular example, but other patterns unique from person-to-person include retinas and DNA.
Accidentally forgetting the admin password to your Magento store can be devastating. Luckily, password recovery is a fairly simple process! In the following examples, we will walk you through the process of recovering a Magento admin password. The examples will be using MySQL from the command line, but you can slightly modify these steps to work with PHPMyAdmin.
As with any online account, Magento security starts with a strong, unique password that is not used for any other accounts. Passwords such as “admin123”, “password” and “magentostore” are literally begging to be guessed with minimal effort by an attacker. Make sure that your password is:
1) Strong: at least eight characters, a mixture of capital / lowercase letters and numerals and even special characters.
A major vulnerability has been found in OpenSSL, the open-source software used to encrypt and secure web communication, that could potentially allow attackers to steal sensitive information normally protected by SSL/TLS encryption. The vulnerability CVE-2014-0160, dubbed the “Heart Bleed Bug,” does not require authentication or local access to be exploited which makes this a very severe problem.
Simple Helix takes this matter very seriously. To secure our users and prevent unauthorized attacks against the content they protect with SSL/TLS encryption, we have taken steps to ensure that all servers we host have been patched against this vulnerability. (more…)
It’s no overstatement to say you can never have too much security for your site. How can you tell which hosting options are the most secure? Let’s look at a summary of how the Simple Helix cloud differs from other hosting options when it comes to secure hosting. (more…)