For anyone who is concerned about potential security breaches, Login Lock is an excellent option to consider.
Login Lock enforces strong password policies, provides emergency lockdown features, monitors login attempts, blocks hacker IP addresses, and logs out idle users, to name a few of the hardening of your WordPress site.
Login Lock provides a number of security enhancing features including (but not limited to):
- Enforces strong password selection policies
- Monitors number of login attempts
- Blocks IP addresses for too many failed login attempts (which u can set)
- Lets you manually unblock IP addresses at any time
- Lets you force- log-out all users immediately & then require that they all change their passwords before logging back in
- Lets you force- log-out idle users after a certain number of minutes. (which u can set)
A good rule of thumb to implement for STRONG passwords is this:
- Minimum 8 characters in length
- Contains all 4 of the following items:
– Uppercase Letters
– Lowercase Letters
Enforce Really Strong Password Policies
- Define which types of characters must be used in passwords (such as symbols, numbers and CAPS)
- Define the minimum required password length.
- Define how long a password is valid before it must be changed.
- Prevent users from reusing the same passwords repeatedly.
- Prevent users from choosing common passwords, includes a list of more than 3100 common passwords
Emergency Lock Down
If your site is ever hacked then you probably need to make sure the intruder is forced to logout and is no longer able to log back in to your site.
Login Lock provides an emergency “panic button” that, when used, immediately logs out all users, resets all user passwords to a random value, and sends each user an email message informing them that they must change their password before logging back in to your site.
You have control over most of the security features and how they are implemented, as shown in part by this screenshot:
One of the best features of this plugin is an emergency “panic button”. This immediately logs out all users, resets their passwords, and informs them via email of the change.
To see what kinda strength you have at the mo, use: Password Checker
Download Login Lock it here