Stop Brute Force Login
Attacks In Their Tracks!
A brute force attack is when someone walks up to a locked door and starts repeatedly trying to pick the lock. Given enough time and enough persistence, nearly any lock is pickable.
An 8 character password can be picked in under 30 minutes using software today!
The key to these types of attacks is that the attacker has to remain able to continue trying… and failing… until they eventually succeed.
When it comes to security, the general theory is “you either know the password or you don’t”. From there we can easily set a cap on how many times someone can try to log into a site before the site temporarily locks them out.
Fortunately, this is super easy to implement on a WordPress-based blog or site.
Limit Login Attempts
(and rapidly improve the security of your WordPress site!)
1. Install the plugin on your self-hosted WordPress blog, and then click activate.
2. You’re done! (Unless you want to tweak the settings!)
In your left-sidebar menu, under Settings you will see either “Login Lockdown” or “Limit Login Attempts” respectively.
Settings Panel for Login Lockdown:
Settings Panel for Limit Login Attempts:
Tips For Settings
The settings may at first seem fairly aggressive but that’s an important part of effective security.
I prefer the settings panel of the old Login Lockdown, over Limit Login Attempts, because it gives me the option to hide the login errors (select YES) and makes it super easy to unblock a colleague that may be stuck outside, if you are already in.
I suggest using this plug on your blog in tandem with using LastPass add-on in your browser, to make it easier for you to manage multiple, long, complex, robust passwords without accidentally locking yourself out!
Do you do things to your site to protect your security? Do you feel comfortable with your security knowledge and ability to protect your blog?
~ Kim ~
Simple Tech Tips For Marketing
PS: A feature similar to this is built into many more robust security plugins such as WordFence. If you are taking advantage (enabled) of this feature within another plugin, then you do not need these plugins.