A successful WordPress security strategy should include steps to strengthen the WordPress login.
Here are five simple rules for better WordPress login security.
Use Strong Passwords
An ideal password is at least 12 characters long and includes a large pool of characters, including upper and lower case letters, numbers and symbols.
Use A Unique Password For Every Account
Another best practice for online security is using unique passwords for every account and website login you use.
Never reuse passwords.
Limit Failed Login Attempts
By default, WordPress doesn’t limit failed login attempts. Without this limit, Word Press can be an easy target for brute force attacks.
Limit Outside Authentication Attempts
There are other ways to log into Word Press besides using the login form. Limiting the number of username and password attempts to one for every XML-RPC request will go a long way in securing your WordPress login.
Use Two-Factor Authentication
The best way method to increase Word Press login security is Word Press two-factor authentication. Two-factor authentication requires an extra code along with your Word Press username and password to log in.
Install A WordPress Security Plugin
The iThemes Security Pro plugin offers 30+ ways to secure and protect your website. With Word Press two-factor authentication, brute force protection, strong password enforcement and more, you can add an extra layer of protection to your website for stronger Word Press login security.
Get more Word Press security tips & resources at iThemes.com SOURCE: https://ithemes.com/2018/10/09/5-rules-wordpress-login-security/