Weak login details are the most common security hole. It allows hackers to easily crack your username and passwords by running Brute force scripts.
Never use the admin account as “admin” and easy passwords.
You can use an administrative email id as a username. To make a strong password you can use a combination of upper case, lower case letters, numerical and special characters. Strong username and password make your site more secure and less vulnerable to brute force attacks.
For increasing login security, it is recommended to make sure every user uses a strong password. However, some of us do not like long, strong passwords. So at the time of registration, you can force users to use passwords with a minimum length of 8 characters.
You can also give hints to users, to use a combination of different types of characters like uppercase, lowercase, numeric and special characters. Also, our Joomla Web Security plugin provides a feature to Enforce Strong Passwords.
It checks the password strength of admin and other users to enhance login security.