As the popularity of content management systems such as WordPress increases, the number of security threats will also increase. Your first defense against intruders is the WordPress login page.
By default, there is no limit to the number of times a user can attempt to login to WordPress. This makes your website vulnerable to brute force and dictionary attacks. Making sure you have selected a secure password is a first good step, but it is not always possible to enforce this with all users.
A great solution is to limit the number of invalid logins with the User Locker plugin. Once the plugin has been installed, it is set by default to lock the user’s account after 5 invalid login attempts. This number can be changed on the plugin’s setting page.
If the number of invalid login attempts has been reached, the user is shown the message below and directed to reset their password.
An extra column is also added to the User menu in WordPress to show what user accounts have been locked.
Have you used this plugin and would you recommend it to others? Let us know by commenting below.