Hack Prevention
7 Plugins That Protect Your WordPress Login Page
Your WordPress login page is perhaps the most important page on your website. It is what keeps strangers (hackers) at bay. If your site credentials fall into the wrong hands, your business is going to be in trouble. Thankfully, there are plugins you can install to protect your login process against hackers and crackers. Here are 7 plugins that help keep your login process more secure:
Limit Login Attempts: one of the best ways to keep your site secure against hack attacks is by finding and banning the IPs belonging to hackers. This plugin will notify you of that information as soon as your site is attacked.
WP Login Security: requires all the admins on your website to register and whitelist their IPs. If an IP is not recognized, an email will be sent to the admin’s registered email address with a one time password. Adds another layer of security to your blog.
Login Lock: a complete login protection system that enforces strong password policies, monitor hack attempts, and even bans abusers. Allows forced logouts by admins.
Google Authenticator: adds two factor authentication to your login page. You can define it for certain users (e.g. admins only).
One Time Password: planning to access your WordPress site on an unsafe network? This plugin creates one time passwords for those situations. Admin actions can be protected with one time passwords too.
Semisecure Login Reimagined: not a foolproof security solution for your login page. But it does use a combination of public/secret key encryption to protect passwords on the client side. Useful when SSL is not available.
ExtraShield: an exciting login protection plugin for WordPress that lets you log in to your WordPress account in a secure fashion using your mobile phone. Creates a new security code on your phone every 50 seconds!
I am interested to know your suggestions. Please share them below.
Matt
September 21 at 4:51 am
You could also mention https://www.shieldpass.com 2nd factor authentication which has a nice wordpress plugin.
Cyrus
September 21 at 5:28 am
Thanks for the tip Matt
Daniel Convissor
October 17 at 5:35 pm
Take a look at the (relatively new) “Login Security Solution” plugin. The attack monitoring examines user names, passwords and IP addresses. It accommodates IPv6. The password strength requirements provide full support for UTF-8 passwords, even those using alphabets with only one case. Plus it has a full set of unit tests.