Recently our administrative and server management team has noticed a very sharp increase in accounts being compromised, which causes issues for both you and us.
For this reason, I feel it appropriate to cover some basic security tips: some apply specifically to your VPS services, and others are more general tips that you should follow when using secure services on the Internet.
Utilize SSH Keys
SSH keys are an incredibly powerful way of securing your servers. With them, you need a key file (the "Key") that authenticates with the server (the "Lock"). This is one of the best ways to reduce the chances of your account being compromised: if all accounts (especially root) use keys, and the keys come from a secure generation setup, it will take millions, if not billions, of years to attempt to crack them.
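Keys only protect every account, root included, if the server also stops accepting passwords. The script below is an added example, not part of the original post: it audits sshd_config text for that, assuming current OpenSSH defaults, and the function names and sample files are constructed for illustration.

```sh
#!/bin/sh
# Assumptions: whitespace-separated "Keyword value" lines, Include files are
# not followed, and only the global section (before the first Match) is read.

# Print the effective global value of a keyword. sshd keeps the FIRST value it
# sees for a keyword, and keyword names are case-insensitive.
sshd_effective() {  # usage: sshd_effective KEYWORD DEFAULT FILE
    awk -v key="$1" -v def="$2" '
        BEGIN { key = tolower(key) }
        /^[ \t]*#/ || /^[ \t]*$/ { next }       # comments and blank lines
        tolower($1) == "match" { exit }          # end of the global section
        tolower($1) == key && !found { val = tolower($2); found = 1 }
        END { print (found ? val : def) }
    ' "$3"
}

# Return 0 only when all three checks pass; print one line per failure.
audit_sshd() {  # usage: audit_sshd FILE
    rc=0
    [ "$(sshd_effective PubkeyAuthentication yes "$1")" = yes ] ||
        { echo "FAIL: public key authentication is disabled"; rc=1; }
    [ "$(sshd_effective PasswordAuthentication yes "$1")" = no ] ||
        { echo "FAIL: password logins are accepted"; rc=1; }
    case "$(sshd_effective PermitRootLogin prohibit-password "$1")" in
        no|prohibit-password|without-password|forced-commands-only) ;;
        *) echo "FAIL: root may log in with a password"; rc=1 ;;
    esac
    return "$rc"
}

# Constructed sample configs (not taken from any real server).
tmp=$(mktemp -d)
cat > "$tmp/weak.conf" <<'EOF'
PermitRootLogin yes
PasswordAuthentication yes
# Looks like a fix, but sshd ignores it: the first value above already won.
PasswordAuthentication no
EOF
cat > "$tmp/keys_only.conf" <<'EOF'
pubkeyauthentication yes
PasswordAuthentication no
PermitRootLogin prohibit-password
EOF

for f in "$tmp/weak.conf" "$tmp/keys_only.conf"; do
    if audit_sshd "$f"; then echo "PASS: $f"; else echo "REVIEW: $f"; fi
done
```

On a live server, `sshd -T` prints the configuration sshd actually resolved, including Include files, and is the authoritative check.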
Use Strong / Random Passwords
Reusing passwords is one thing we all do, but it can be the easiest way to lose access to everything at once. Where possible, you should use a randomly generated password for every individual service and account. You should especially avoid passwords like 1234 or other shorter dictionary words on their own, as these are the first types that are attempted in a dictionary-type attack. Strong passwords are ones like
FpaI?0s`V49+Ec'vnQ6r>7~>72, as it's not pronounceable and has 24 characters including letters, numbers and symbols, making it near impossible to crack without you noticing the attempt.
A lot of password security is about common sense: simple and easy-to-guess passwords are going to get cracked, so when you make your next password, just think about using the most secure, unique one you can. This brings me to my second major point: regular password changes are VITAL. They make it a hell of a lot harder for someone to guess your password or, if they do have it, to regain access in the long term. We advise a root password change monthly, and less secure passwords changed every quarter.