“Eagles.” That’s a weak password.
“Eagles2001.” That’s still a weak password.
“Eagles2001.” That’s now a weak, duplicate password.
The use of weak and duplicate passwords can get sites hacked and damage reputations. Don’t let that happen to your business. Using a strong, unique password and knowing your options for logging into your website are the first steps to improve your website’s security.
In this post, I’m going to share 3 secure ways to log into your Squarespace website.
Start at the Squarespace Login Page
To access the Squarespace login page, do one of the following:
- Visit the Squarespace homepage and click “Log In” (see image)
- Enter your website’s URL (e.g. company.com) and click > the escape (esc) key to access the Squarespace login page
- Enter your built-in domain with “/config” at the end of the URL (e.g. company.squarespace.com/config)
- Enter your custom domain with “/config” at the end of the URL (e.g. company.com/config)
If you prefer to disable the escape (esc) key shortcut, go to the Home menu > Settings > Advanced > Escape Key > Uncheck Enable Login with Escape Key > Click Save.
Option 1: Log in with a Password
To log into Squarespace with a password, enter your email address and password. Use a password manager to create a strong, unique password that combines uppercase, lowercase, digits and symbols that are at least 15 characters long (see image). My favorite is 1Password.
Also, never share login credentials. When giving others access to your site, limit and control their access by inviting them as a contributor.
Option 2: Log in with a Password & Two-Factor Authentication
Two-Factor Authentication (2FA) is an additional layer of security that ensures the account owner is the only person who can access your account — even if someone has stolen your password.
Two-factor authentication can be enabled by going to the Account Dashboard > Account & Security > Two Factor Authentication > Setup Two Factor Authentication. When enabling this setting, an authenticator app is needed.
An authenticator app scans the Squarespace QR code and provides a 6-digit code after entering your password. Logging into Squarespace with 1Password’s built-in authenticator is my favorite way to sign in because it temporarily copies the one-time code to the clipboard so it’s ready to paste after 1Password fills the username and password fields.
To log into Squarespace with a password and two-factor authentication, enter the email address and password used when creating your site. The login page will then redirect to the Two Factor Authentication page where the 6-digit code (see image) from the authenticator app needs to be entered. Check the box if you want Squarespace to remember the computer for 30 days. That decision should depend on the security of both your computer and environment.
Use a password manager that includes an authenticator like 1Password or LastPass because it’s far more convenient than using separate apps. Also, use a password manager to safeguard the 10 backup codes that Squarespace provides when setting up two-factor authentication.
Option 3: Log in with a Social Account
A social login helps to reduce the number of passwords by using a single password from Facebook, Google or Twitter.
To log into Squarespace with a social account, choose a preferred social login (Facebook, Google, Twitter) and enter login credentials (see image). To disconnect a social account, read Squarespace’s guide to disconnect a social account.
Switch from an Email Login to a Social Login
- Go to the Squarespace login page.
- Click a preferred social account.
- Enter the login credentials for the social account. For security, Squarespace requires the email of the social account to match the email on the Squarespace account.
- A dialog box will appear that’s titled, “Change Login Preference.”
- Click “Use [social account name].”
- Check your email for a verification message.
- Click the link in the message to confirm.
You just learned 3 secure ways to login to your Squarespace website. Use a password manager and set a reminder to change your password quarterly or annually.