WordPress is always evolving and adding great new functionality.
Version numbers represent leaps forward in technology such as image editing, media placement, software improvements, and much more. As of this writing, WordPress is on version 4.1. The leap forward in this release for example, is the ability for the admin to choose language settings in the back end at any time (as well as media and security improvements).
WordPress has improved its security greatly over the past few years. In version 3.7 of 2013, WordPress introduced automatic security updates. This means that while version updates are at your discretion, security updates are automatic.
No website can be 100% secure as we all know.
Famous hacking attacks sometimes occur as we may see on the news or read about. However when a security flaw is discovered, it’s usually up to the user to quickly apply the patch as soon as one is ready. In the past, this was an issue with WordPress as people wouldn’t know or just wouldn’t update their site in time.
Now those security patches are automatically applied to your website by the fine folks at WordPress.Org! Rest easy.
Naturally, security is also a concern of yours, if you’re running your own site, or your webmaster’s, if he or she is doing it. You must use proper passwords and user names on your site. For example, never use just ‘Admin’ as a user name. It used to the case where everyone using WordPress would just keep that user name. The spider bots had half the battle won already as that is the first user name they check for.
Use the “Nickname” system inherent in WordPress.
There is a nickname, or display name function available. For example, when you make a blog post, the author’s name usually appears under the post. If you use ‘Admin’ as your real user name, and ‘Admin’ appears under your blog post, you’ve given away 50% of your security!
The best way is to have a real user name, one that you log in with, that nobody knows but you. Keep it unique. Then use the ‘Display’ name as a different one.
It goes without saying. Keep your passwords at least 7 seven characters long, and use upper and lower case as well as symbols. There are also services out there to manage your passwords for you. If you have a unique user name and a secure password–coupled with WordPress’ auto updates, you should be just fine.