Login Management
In Bluehost login management, logging into your account is as easy as entering your domain name and password on the login screen or clicking one of our Single Sign-On options. As a web hosting provider, we're charged with safeguarding a lot of valuable and sensitive information, such as website files, contact information, and financial data, a responsibility we take very seriously. We've implemented sophisticated backend security measures to the login process to prevent targeted attacks and added options like limited-access user passwords and two-factor authentication, resulting in a login experience that's easy to use and doesn't compromise security.
Passwords are the first level of protection against hacking. Still, research has shown that up to a shocking 90 percent of user-created passwords are vulnerable to hacking—90 percent! We don't know what it is if that isn't caused by concern. We rely on several security protocols to ensure your login is secure, but these measures can only go so far. It's becoming increasingly crucial for you to be proactive in keeping your login information secure. Not only do you need to create a strong password to withstand hacking attempts, but you also need to keep it safe so it doesn't find its way into the wrong hands.
Password Management
Account passwords and login options are managed by clicking the icon in the upper-rightmost corner of your screen and then clicking My Profile. You will be redirected to the My Profile & Security page.
- Change the main account password, also known as the administrator password.
- Turn on or off two-factor authentication for your login.
You have complete, unrestricted access to Bluehost account management when you log in with the main account password. If you're the only one who logs in, this may be the only password you'll ever need for your hosting account. But if you want to delegate your website and billing management responsibilities without giving out your main login password, you also have the option to create limited-access user passwords in the Web-pro Access tab.
As the account administrator, you'll create and manage the passwords on the user's behalf. This is a great security measure because it allows you to revoke access anytime by changing the user's password.
If you can't log in because you forgot your password, click the Forgot Password on the login screen, and we'll send you an email with a link so you can update it.
To set and manage your main account password, please visit the article for more information: How to Reset Your Login Password.
Create a Strong Password
We know it's a pain to create a new password for each site and application you frequent, not to mention how frustrating it can be to remember what they all are, but having a strong password can mean all the difference in securing your account.
Much of the traditional advice about creating a strong password is pretty much the same: the longer, the better; use a mix of letters, numbers, and symbols to make it complex; avoid using personal information; and don't use a word found in the dictionary. Still, it all holds to scrutiny, even now that security concerns are more significant than ever. Historically, password complexity was favored over length. Still, criminals discovered that shorter passwords are easier to hack, even if similar numbers or characters substitute a few letters. The trick is creating a long, complex password that can withstand various hacking attempts.
Strong Password Do's
-
Make It Memorable — Long, complex passwords are the most secure but often hard to remember. Try this to make it memorable: Think of an easy-to-remember phrase or piece of information, then replace letters with similar characters or symbols. You could even take that phrase as an acronym before substituting symbols. For example, "I went to JFK High in 1975" can become "!WtJFKh1gh@I_75" or something similar.
-
Use Different Passwords Everywhere — You wouldn't use the same key for your house, car, mailbox, etc., so why would you use the same password for your online accounts? If a hacker obtains your password, they'll check whether it works for other websites. It only takes one compromised login to put all of your other accounts (reusing the password) at risk.
-
Use a Password Manager — A password manager—like LastPass, Dashlane, KeePass, 1Password, etc.—is an app that saves your login credentials for different sites, then automatically logs you in the next time you visit. Some will even generate unique, complicated passwords for you. They're available in any web browser; many apps will even sync across your devices.
Strong Password Don'ts
-
Don't Use Dictionary Words — Hackers can employ a list of every word in the dictionary (or multiple dictionaries) against a password database. Luckily, strong passwords aren't usually vulnerable to this kind of attack.
-
Don't Use Common Passwords — As with dictionary words, common passwords and generic sequences like password, admin, 123456, qwerty, etc., are also discouraged because they're easily hacked. Read this Gizmodo article for the 25 most popular passwords of 2015.
-
Don't Reference Personal Information — It's easy to remember names, phone numbers, birthdays, etc. However, that information is accessible to hackers using social media and other methods.
-
Don't Write It Down — If someone finds your password, they could do any number of things with your account, such as logging in, changing or stealing information, and even resetting your password. This is especially a problem with banking and email passwords.
-
Don't Share It — Sharing your password with a friend or family member often seems harmless. Still, it could be easily mishandled and fall into the wrong hands.
-
Don't Log In From Public Computers — It's easy for someone to look over your shoulder in a public place to view your password as you enter it. And it's even easier to accidentally save your login information for a particular website, allowing the subsequent visitor access to your account.
Single Sign-On
It's no secret that remembering the password for every one of your applications is a hassle, especially if you still need to start using a password manager. That's why we offer Single Sign-On (SSO). This option permits access to your hosting account by authenticating your login credentials with one of our trusted SSO identity providers like Google, Facebook, WordPress, etc. This means a single, successful sign-on with one of our trusted service providers will authenticate your access to both services.
In the past, SSO was considered more of a convenience measure. Over the last few years, it has increased security by enabling more complex authentication policies. Your login credentials will only be stored in one secure location rather than multiple, possibly less specific locations. We all know that it's easier and better to remember one complex password rather than a variety of passwords, mainly because those are likely to be less complicated to make them easier to remember. With fewer credentials to keep track of, there are fewer to lose or compromise.
If you want to enable Single Sign-On for your login, please take a look at our guide: How to Enable Single Sign-On.
Summary
Bluehost login management allows easy access to your account by entering your domain name and password or using a Single Sign-On option.
Security measures are implemented to prevent targeted attacks and added options like limited-access user passwords.
A strong password is crucial for securing your account, as it can withstand various hacking attempts. To create a password, use an easy-to-remember phrase or word. Avoid using dictionary words, common passwords, referencing personal information, sharing it, and logging in from public computers.
Single Sign-On (SSO) allows access to your hosting account by authenticating login credentials with trusted identity providers.
If you need further assistance, feel free to contact us via Chat or Phone:
- Chat Support - While on our website, you should see a CHAT bubble in the bottom right-hand corner of the page. Click anywhere on the bubble to begin a chat session.
- Phone Support -
- US: 888-401-4678
- International: +1 801-765-9400
You may also refer to our Knowledge Base articles to help answer common questions and guide you through various setup, configuration, and troubleshooting steps.