Beware of hackers breaking standard passwords

I have one WordPress blog for my web design company, one for my travel company and three for associated real estate websites. Every single one has been hacked within the last three months, usually for links to s@x-enhancement sites.

The problem is that WordPress issues a standard six-digit alphanumeric password on installation. This is seen as one easy picking by the hackers, who take hack the site then in one of more stories embed their code with linkbacks to their spurious websites.

I would recommend that all passwords are changed to nine- to twelve-digit passwords, upper and lower case, to prevent this from happening.

This I have managed successfully and have not been hacked since. I would imagine they have programs that use “admin” as the login, then run a program that can hack the password up quite quickly.