Since each login attempt requires longer and longer, even with a simple password, it is impossible to hack your site.
I get 2 or 3 break in attempts at one of my sites every week, this plugin does exactly what it advertises, it prevents hackers from gaining access.
The title says it all. My client's site was attacked many many times this weekend and your awesome plugin stopped the attackers. Way to go! Thank you so much! I'm now telling all my colleagues to use it!
Love this plugin. I use it on every site that I'm involved with.
As always security and ease of use is a tradeoff. Even though I reduced the security settings on this my user where not able to login. One example: Many bruteforce attempts these days scans wordpress to find the valid usernames, then use that for BF attack. As a result my users was required to change password very often as the plugin forces "Forgot password" procedure on them on almost every login.
I think the plugin is very good on a personal blog, and I would use it if we were only technical savvy users on my system.
In the wake of BruteProtect getting absorbed into JetPack, I went looking for a simple, login security plugin. This one has a ton of configuration options and will even log a user out after a desired period of time (something I never had with BP). Awesome plugin and it's now part of my standard theme setup.
Works as advertised.
I've been looking through security plugins for WordPress for a long time. You'll find there's plugins that purport to do a lot, and others that are more focused. In any case, you'll find the all encompassing ones can be more of a headache if settings aren't set quite right for your particular environment and also quite the resource hit. From my experience, targeting a few specific security tasks with smaller plugins is a better approach. Login Security Solution is one such tool in my arsenal, and I recommend it.
My only complaints are that the user error messages are sometimes confusing to end users. I also wish the plugin allowed for a seven character length password (the same as a default WordPress installation). I've seen the plugin author's rationale for requiring passwords to be a minimum of 10 characters in the forums (simply put, the longer the password the more secure), but it would avoid the headaches that are induced when the default WordPress password hint ("at least 7 characters...") is presented to users, which can and have occurred with changes to the WordPress core or conflicts with other plugins.
All in all, I definitely recommend it, because the benefit outweighs the support related issues, it works, and I haven't found a better solution.
An efficient security plugin, indeed. But facing the case to not be allowed to log in as admin with regular password is a little harsh for me. The only solutin I found: desactivate the plugin.
And I am not convinced by the possible reasons given by plugin's creator.
I installed this plug-in on a client site. It forced me to login twice due to supposed inactivity, even though I was quite busy doing things on the site. That was enough for me to say bye.
Also, is there a log of activity showing users who are trying to hack in?
Does everything necessary and is simple to use. I recommend creating a second admin account with a strong password which you only use in case of a problem with the plugin to be able to log in and deactivate it.
You must log in to submit a review. You can also log in or register using the form near the top of this page.