I'm having about the same problems as many others here too. Site was working fine, installed this plug-in and the moment I activated, the browser reports "Forbidden..." This is so bad, I can't even get to the login page on my WAMP/localhost to deactivate or uninstall this thing without seeing:
You don't have permission to access /wp-login.php on this server.
Apache/2.4.9 (Win32) PHP/5.5.12 Server at volzone Port 80
I've moved the plugin folder off. In mySQL, I've tweaked the wp-options > it_sec > hide backend thing. Restarted the server a dozen times. I completely deleted the instances of it_sec**** suggested by Viktor, no results. I've looked through wp-conf.php and don't see any offending "define" lines to comment out. The result is now always '403.
What should I do now besides scrap the whole project and re-do the whole thing?