Thousands of website hacked every day & most of them due to some vulnerability in coding or choose commonly used passwords.
While talking about online security, WordPress is most vulnerable tool. What do you think, WordPress is not coded properly?
No, not because WordPress tool coding but because way to use it.. people install so many plugin and not check when they get updated last time, how many people are using, whether plugin is secure or not, theme they are using are authenticate or not and many more.
So this all things make your wordpress site more vulnerable of hacking.
WordPress login page is most vulnerable to Brute Force attacks. So when attacker keep trying to guess your password and if you are using simple password then there would be chance to get login.
And what more hacker want !!!
So make sure your login page should more secure and you can do various things like
- Limit login attempt
- Change login page URL
- Choose complex user name and password (Remove default one mainly)
- Implement captcha on login screen.
In this post we will discuss about how to implement captcha on WordPress login screen to stop login attempt like brute force.
Add captcha for wordpress login
Captcha is a test that distinguish human from machine input, So if we implement captcha then we can at least stop all machine inputs.
You do not need to code anything to add captcha on wordpress login page. We can directly use plugins to implement it in very small time.
Plugins for Captcha implementation
1. Google Captcha by Bestwebsoft & Captcha (reCAPTCHA) by BestWebSoft – Google Captcha plugin help you to protects your WordPress website forms from spam entries. You can use for login, registration, comments, password recovery, popular contact forms and other forms.
2. SI CAPTCHA Anti-Spam –This plugin add captcha in all forms like login, registration, Lost password, Buddy press register, Jetpack Contact Form, and comment. It help to prevents spam from automated bots and adds security.
3. WP Login reCAPTCHA –Plugin add reCAPTCHA to your login page so you can prevent bot or script from trying to login to your WordPress website.
4. All In One WP Security & Firewall – One of the best software for overall security and also help in wordpress login captcha.
I will show you here step by step guide of All In One WP Security & Firewall
1. Install All In One WP Security & Firewall plugin.
2. Under WP security choose brute force.
3. From the top tap choose Login Captcha.
4. Put check on “Enable Captcha On Login Page:”
Click the Save Settings button.
Now logout and login again to check feature implementation. .you will see captcha like below.
In addition to secure your wordpress website, get HTTPS version of the website. HTTPS protocol encrypts the data trnasferred between web server and client.To configure that, install an SSL certificate on your website. You can get SSL certificate from cheap SSl providers like SSL2BUY.
Hope this article help you to secure your wordpress website.