A common problem with WordPress is when attackers try to Brute Force your login forms. You can secure your WordPress login by using the WordPress Login Security Solution plugin. Below are the steps to secure your WordPress site login with the Login Security Solution plugin.
Installing the Login Security Solutions plugin
- Log into the WordPress Dashboard.
- Go to the plugins on the left and click Add New.
- Search for “security” in the search bar.
Find the Login Security Solutions plugin and click Install Now.
Click Activate Plugin.
You will see the red warning to the top of the plugins page. To get rid of the Login Security Solutions plugin warning stating to change the passwords for your users, you can click the Change All Passwords link.
To force your users to change their passwords, click the “Confirm . . .” check box and click Require All Passwords Be Changed button.
Login Security Solutions options
To configure your Login Security Solutions plugin, go to the Plugins on the left of your WordPress Dashboard and select the settings link under the Login Security Solution plugin title.
You will see the configuration page like the snapshot to the right. Below is a table with a basic explanation of the Login Security Solutions WordPress plugin.
Login Security Solution Settings
|Login Failure Policies||The Login Failure policies allow you to edit the Match Time, Failure Notifications, and other notifications when login failures occur. You can set the email address that is notified in the plugin “Notifications to” box.|
|Password Policies||Here you can set parameters for the password requirement for your WordPress users. The Length, Complexity Exemption, Aging, Grace Period, and History can be fine tuned in this section.|
|Miscellaneous Policies||These are extra settings you can configure to get the Login more secure. The Idle Timeout, Maintenance Mode, and Deactivation settings can be set here.|