Protect your dashboard without editing the .htaccess file -- the FIRST one that completely blocks remote bot login requests.
I'm rescinding my previous rating of 1 star as my issues I was having before seem to have abated.
This should make life a little harder for the would-be hackers. Nice one.
Everybody should use this plugin, easily adds another layer of protection. Thank You!
everyone should use this plugin
Great plugin, works fine and adds additional layer of security.
This plugin adds an additional layer of security on to the attack vector that is the standard login form.
To be clear from the outset, your password should already be extremely strong, and unique from your accounts elsewhere online.
As it works on security-via-obscurity, it certainly should not be relied upon in lieu of existing or other security measures (like a strong password), but it works in tandem with them.
A great way of effectively changing the login form URL. The URL is bookmarkable, so active users can still get to the new login URL without having to remember the question and answer values. Password managers, including ones like KeePass that have an autotype, still work with the login form.
For the technically minded, the question and answer values are sent via a GET request, so they would appear in server logs and be sniffable over wifi for non-SSL sites. However, that means it's just one more step for someone to tackle before they can try attacking the login form - and if they have access to your server logs or they are a man-in-the-middle on your wifi, you already have bigger problems.
Tested on WP 3.6-beta1.
this plugin is great if you care at all about WordPress security and your admin dashboard!
You must log in to submit a review. You can also log in or register using the form near the top of this page.