Login Security Solution
Security against brute force attacks by tracking IP, name, password; requiring very strong passwords. Idle timeout. Maintenance mode lockdown.
Overview
Compatibility
Installation instructions
Customer support & learning resources
Changelog
Main benefits
Blocks brute force attacks
Tracks IP addresses
Monitors login attempts
Enforces strong passwords
Notifies of security breaches
About this plugin
Author: Daniel Convissor
Categories: Security
Version: 0.56.0
Last updated: 13-08-2016
WordPress version: 3.3
Tested up to: 4.4.33
PHP version required: false
Languages: Deutsch, Français [+2]
Tags:
Learning resources: View resources
Overview
The "Login Security Solution" WordPress plugin is designed to enhance login security for both multisite and regular WordPress installations, providing robust protection against brute force and dictionary attacks while minimizing inconvenience to legitimate users and administrators. The plugin meticulously tracks IP addresses, usernames, and passwords, monitoring all forms of login attempts and implementing a progressively increasing delay for repeated failed attempts, effectively thwarting persistent attackers. Key features include immediate logout and forced password reset for suspected compromised accounts, administrator notifications for attacks and breaches, and comprehensive password strength enforcement with support for special characters and complex requirements. Additional functionalities include protection against username discovery, optional password aging, and idle session logout. The plugin ensures seamless integration with WordPress' native features, offers internationalization support, and includes a thorough set of unit tests to maintain reliability. This solution stands out by prioritizing security without opening vulnerabilities, and it avoids promoting ads or other distractions, focusing purely on safeguarding user data and site integrity.
Enhanced Login Security
- Blocks brute force and dictionary attacks without inconveniencing legitimate users or administrators
- Tracks IP addresses, usernames, and passwords
- Monitors logins made by form submissions, XML-RPC requests, and auth cookies
- Slows down response times for repeated login failures to limit attackers' ability to probe your site
Password Strength Enforcement
- Thoroughly examines and enforces password strength with full UTF-8 character set support
- Customizable minimum length and complexity requirements
- Checks passwords against user data, blog info, and provided password dictionaries
- Decodes 'leet' speak and prevents sequential codepoints and keystrokes
User Management and Notifications
- Can notify the administrator of attacks and breaches
- Administrators can require all users to change their passwords without sending emails
- Logs out idle sessions after a customizable idle time
- Prevents information disclosures from failed logins
Maintenance Mode
- Publicly viewable content remains visible while disabling logins and comments
- Logs out existing sessions except for administrators
- Useful for maintenance or emergency reasons
- Separate from WordPress’ default maintenance mode
Features list
Feature
Premium version
Web3 Authentication
Secure login using blockchain technology.
All-Inclusive Version
Comprehensive package with all features included.
Instance-Based Licensing
Pricing based on the number of software instances used.
Pricing
In some cases companies have different prices based on various components like a location. As a result the prices displayed here can differ from the ones you see on their websites.
See all pricing optionsRating and reviews
Martin Sauter
12 Apr, 2023
I have reported a security bug 1 month ago, and I haven’t heard back from the developer since.
stephaneleveteau
08 Jan, 2019
Bonjour,
Merci au développeur, ce plugin fonctionne très bien et a bloqué par trois reprises une tentative en force brute.
Steve
21 May, 2018
Another must have!
tomkinsrichard
24 Apr, 2016
This plugin is effective.
ip, user and date, enable you to track origins of attacks.
The plugin prevents attacks from succeeding.
ppotier
17 Apr, 2016
I received a mail of few minutes ago about a brut force attack, from an IP address, in Turquie.
Many thanks to you !!!
version 0.55.0 works fine with wordpress 4.5
Regards
