 Welcome to Learn WordPress. Let's talk about 7 tips to improve website security. Number 1, use a password manager and secure passwords for your logins. Password managers such as OnePassword and Bitwarden are worth exploring. One of the most common areas for security failure is unfortunately the human one. No two passwords should ever be the same and ensure passwords are at least 10 to 12 characters and include numbers and symbols. And remember never use admin as a username. Password managers store your passwords securely and allow you to generate unique secure passwords for each login without needing to remember each one. Number 2, use a two-factor authentication. Two-factor authentication can significantly enhance the security of your WordPress site by adding an extra layer of protection to the login process. This way even if someone else gets your password, they still can't log into your account without that second factor. Two-factor authentication may seem like a small step but it can greatly improve the security of your online accounts and help protect your personal information. You can search for a two-factor authentication plugin such as WP2FA, two-factor authentication or Mini-Orange's Google Authenticator. Some security plugins also include two-factor authentication but we will talk more about security plugins in a minute. Number 3, always review your user base. Remove unnecessary users and be very selective of admin users. Let's make our way to users in the dashboard. User roles such as editors, authors and contributors should be monitored. Typically the administrative role is reserved for the website's owner. Removing unnecessary users will minimize the potential attack surface or entry points that attackers can exploit. Number 4, only install plugins and themes from trusted developers and uninstall what you are not using. To assess the reliability of a theme or plugin, there are a few things to review. Check user feedback and reviews. Note when it was last updated. Look at the number of active installs. Explore their support and documentation. And double check that it is compatible with the latest version of WordPress. Number 5, keep your plugins and themes up-to-date and remember to back up your site before updating. But you might be asking why? Keeping your WordPress themes and plugins up-to-date is important for maintaining the security, stability and compatibility of your site. Updates often include security patches that fix vulnerabilities in software as well as bug fixes that could cause your site to malfunction or break. These bugs could also potentially be exploited by attackers to gain unauthorized access to your site. By keeping your website up-to-date, you can ensure that your site is protected against the latest security threats and runs smoothly with the latest web technologies. Number 6, install a security plugin like WordFence, Jetpack Security or iThemes that will scan your site for any reported vulnerabilities. There are also many other plugins available in the plugins directory worth exploring such as patch stack, all-in-one security etc. A website security plugin can help protect your website from common cyber threats, block malicious traffic and alert you to potential security issues. In essence, a security plugin will help you maintain the security and integrity of your website. And finally number 7, something for more advanced users. Follow security-focused blogs like patch stack, WP scan or blog.security which report any new vulnerabilities for which there are updates as well as emerging web threats. Then there are also some other steps worth exploring. Firstly, choosing a reliable web host. Secondly, installing an SSL certificate if your host has not already installed one which will allow you to enable HTTPS which ensures that no information is passed in plain text. And thirdly, using a spam detector, especially if you have a blog or allow comments on posts. All the best keeping your site safe and secure and visit Learn WordPress for more tutorials and training material.