Login Attempts no notice of limites

  • Resolved teresa789

    (@teresa789)


    2 years ago

    Hi everyone, I am using Wordfence for security, I noticed when students go to login to their page, they do not see on the login page the count down of how many login attempts left when they get username or password wrong. I set the limits in Wordfence, I just assumed it would automatically show how many more times they can login before they are blocked. Do I need to install another plugin.

    The page I need help with: [log in to see the link]

Viewing 1 replies (of 1 total)
  • Plugin Support wfpeter

    (@wfpeter)

    2 years ago

    Hi @teresa789,

    Wordfence doesn’t give hints to potential attackers on how many attempts have been set by the site administrator by design. It may be worth loosening the “too many login attempts” restrictions slightly to a level that may be considered reasonable for a human to accidentally mistype or momentarily forget their credentials. They may also be inadvertently be caught out with a typo by the “immediately lock out invalid usernames” setting in Wordfence > All Options > Brute Force Protection. We would recommend this be disabled if you have a high quantity of users.

    With Brute Force settings, I recommend trying 3-5 for attempts and password resets, counted over 4 hours, with a 30 minute (or longer) lockout time period to see if it eases the amount of people experiencing issues.

    Let me know how you get on!

    Peter.

Viewing 1 replies (of 1 total)
  • The topic ‘Login Attempts no notice of limites’ is closed to new replies.