A Guide To Brute Force Attacks + Tips To Protect Your Website – infographic

We love using the iThemes Security Pro plugin to cover “most” of the security issues faced by our clients, and these guys have a great insight as to the threats faced by WordPress website.

It feels like every week there’s another security breach in the news. It can cause panic, especially when we think website security has to be complicated.

But protecting your WordPress website doesn’t have to be hard. WordPress security is easier than you think.

In this infographic, iThemes Security team gives us A Guide To Brute Force Attacks + Tips To Protect Your Website.

What Are Brute Force Attacks?

Brute force attacks refer to a trial and error method used by hackers and bots to discover username and password combinations in order to gain entry into a website.

How Do Brute Force Attacks Work?

An attacker will systematically check unlimited passwords until the correct one is found. Depending on your server settings, an attacker can go through 1000 different password variations in a minute.

Are You Inviting Brute Force Attacks?

If you have a weak password, you are welcoming brute force attacks. You should change your password ASAP.

Top Passwords of 2017 (!)

  1. 123456
  2. Password
  3. 12345678
  4. qwerty
  5. 12345
  6. 123456789
  7. letmein
  8. 1234567
  9. football
  10. iloveyou 
  11. admin 
  12. welcome 

10% of people have used at least one of these worst passwords

Are you one of them?


Simple Ways To Prevent Brute Force Attacks


Make a habit of using a different password for every website you use • Use a password with a combination of lower and uppercase letters, symbols and numbers • Change your passwords often.


Do not use ‘admin’ as your username. • Install a WordPress security plugin such as iThemes Security to activate network & local WordPress brute force protection.


Limit the number of login attempts on /wp-admin & • /wp-login.php • Add a captcha for logins. • Offer a two-factor authentication login option for users.

How A WordPress Security Plugin Can Help

Install a WordPress security plugin to help defend against brute force attacks. The iThemes Security plugin offers WordPress brute force protection in addition to multiple other WordPress security features to secure and harden WordPress.

  • Network & Local Brute Force Protection
  • Lock Out Bad Users & Bots
  • Secure, Protect &Harden WordPress

Get iThemes SecurityPro, our WordPress security plugin, to secure & protect yourWordPress website. https://ithemes.com/security

Shopping Cart
Scroll to Top