The WP Login Security 2 plugin adds an extra layer of security to your login process.
Why WP Login Security 2 Is Important
WP Login Security 2 intelligently adds another layer of security to the login process.
The plugin keeps track of the IP addresses used by administrators. If an administrator tries to login from an unknown IP address an activation link is emailed to the registered email address of the administrator. Until the activation link is clicked the administration panel is blocked.
Even if someone steals your WordPress user name and password they will be unable to login unless they also have access to your email.
How You Complete This Security Checkpoint
Add and Activate the plugin.
- An email with the activation link will be sent to your email address:
Subject: [My Website] WP Login Security Alert
Someone has logged in with the below information from an IP we haven’t seen before.
To authorize this IP address, please click the following link: http://www.mywebsite.com/wp-login.php?action=registerip&wpls_ipkey=d41d8cd98fasdfas98837498ecf8427e
From now on when you log in from this IP address you will allowed in straight away.
In case you experience difficulties logging in you can always disable this plugin by renaming (or removing) the plugin folder wp-content/plugins/wp-login-security-2.
There are three other two factor authentication plugins you might want to consider.
Note! We have not tested these plugins.
Plugin Page: http://wordpress.org/extend/plugins/second-factor/
Second factor adds another layer to the login process making it more secure.
The first factor is your user name and password. This plugin will email a one time code to the users email address. This code has to be entered before the login is complete.
Even if someone gets your user name and password they will be unable to login unless they also have access to your email.
The Google Authenticator plugin for WordPress gives you two-factor authentication using the Google Authenticator app for Android/iPhone/Blackberry.
You may already have the Google Authenticator app installed on your smartphone, using it for two-factor authentication on your Gmail or Google Apps account.
The two-factor authentication requirement can be enabled on a per-user basis. You could enable it for your administrator account, but log in as usual with less privileged accounts.
Duo Two-Factor Authentication
Plugin Page: http://wordpress.org/extend/plugins/duo-wordpress/
This plugin enables Duo Security’s two-factor authentication for WordPress logins.
Duo provides simple two-factor authentication as a service via:
SMS-delivered one-time passcodes
Duo mobile app to generate one-time passcodes
Duo mobile app for smartphone push authentication
Duo hardware token to generate one-time passcodes
Please leave them below. Thanks!