WordPress is one of the most popular used CMS all over the world. But with its popularity there are more chances of your website being hacked. It is very simple to guess any site’s WordPress login page URL. Hence you should make sure that your login page is secure by having your Username and Password extremely difficult to guess, as login page is like a main door of your house, you need to make sure that your door is securely locked.
By default WordPress allows unlimited login attempts, hence there is nothing to stop cracker to try multiple combination of username and Password in the hope of just finding the correct one. This is the most common technique used by crackers and known as ‘Brute force login attempts’, and it is one of the most common technique.
WordPress provides default user name as ‘admin’, I hope that you did not use this default username. If you haven’t changed the default WordPress username, I strongly recommend you to change it right now. The problem with this default admin username is that crackers will start with the default username; this will reduce their work in half.
A Solution for WordPress
There is a plugin called ‘Limit Login Attempt’. This plugin is programmed in such a way that login attempt made by any unknown user will not get more than a specified number of chances. And if he/she tries to login after that then this plugin will block any login attempt from that computer at least for 24 hours. You can change this time limit & also the number of incorrect Login attempts from your admin panel.
Like this way this plugin limits number of login attempts to your WordPress admin panel. So, it’s my personal suggestion to my reader that you should keep your password much stronger which will be difficult for unknown user to guess. If your password is not safe then your first job is to change your password.
Using this plugin will make your site secure from being cracked. And also you can keep track of IP from where someone is trying to logon to your WordPress account. It also has a feature that it notifies you when someone is locked out. Along with this plugin, It’s better to keep a strong password is which cannot be easily guessed.