WordPress.org

Plugin Reviews

Login Security Solution

Security against brute force attacks by tracking IP, name, password; requiring very strong passwords. Idle timeout. Maintenance mode lockdown.

5 reviews
Average Rating
4.3 out of 5 stars
You are currently viewing the reviews that provided a rating of 2 stars. Click here to see all reviews.
To secure for my users
By ,

As always security and ease of use is a tradeoff. Even though I reduced the security settings on this my user where not able to login. One example: Many bruteforce attempts these days scans wordpress to find the valid usernames, then use that for BF attack. As a result my users was required to change password very often as the plugin forces "Forgot password" procedure on them on almost every login.
I think the plugin is very good on a personal blog, and I would use it if we were only technical savvy users on my system.

It works but...
By , for WP 4.2.2

An efficient security plugin, indeed. But facing the case to not be allowed to log in as admin with regular password is a little harsh for me. The only solutin I found: desactivate the plugin.
And I am not convinced by the possible reasons given by plugin's creator.

supposed inactivity forced me to login again
By ,

I installed this plug-in on a client site. It forced me to login twice due to supposed inactivity, even though I was quite busy doing things on the site. That was enough for me to say bye.

Also, is there a log of activity showing users who are trying to hack in?

A bit too psycho about security
By ,

Today I had to change my passwords twice, first because I logged-in on a café network. And then because I logged-in at home. Different IPs the same day, and here we go! Forcing to change password!

Sorry, but forcing to change a password without the option to ignore or providing extra information regarding the potential attack isn't security. Today, both times wasn't an attack, and I had to change my password twice....

Bulldog at the gate
By , for WP 3.5.1

It's a tough plugin - no doubt. Within minutes of installing this plugin on my site, I was notified of an attempted intrusion. Good job!

Day 2: I try to log in to my own site (mind you, I did NOT choose to force resets on the passwords) and not only was I denied the ability to log in and forced to create a new PW ... but NOTHING I have attempted as a new password is secure enough to be accepted.

I can't log in to my own site!

The security part works great - the password part ... not so much. I highly recommend staying away from this plugin until they add a "human friendly" option. The password requirements and enforcement is just too stringent.

You must log in to submit a review. You can also log in or register using the form near the top of this page.