WordPress Plugin: Lock Accounts After Invalid Logins with User Locker

As the popularity of content management systems such as WordPress increases, the number of security threats will also increase.  Your first defense against intruders is the WordPress login page.

By default, there is no limit to the number of times a user can attempt to login to WordPress.  This makes your website vulnerable to brute force and dictionary attacks.  Making sure you have selected a secure password is a first good step, but it is not always possible to enforce this with all users.

A great solution is to limit the number of invalid logins with the User Locker plugin.  Once the plugin has been installed, it is set by default to lock the user’s account after 5 invalid login attempts.  This number can be changed on the plugin’s setting page.

userlocker-setting
User Locker Setting

If the number of invalid login attempts has been reached, the user is shown the message below and directed to reset their password.

userlocker-locked
Locked Account

An extra column is also added to the User menu in WordPress to show what user accounts have been locked.

Locked / Unlocked Users
Locked Users

Have you used this plugin and would you recommend it to others?  Let us know by commenting below.


Posted

in

,

by

Comments

8 responses to “WordPress Plugin: Lock Accounts After Invalid Logins with User Locker”

  1. Jim Hutchinson Avatar

    Sweet! I was looking for something like this. Thanks for posting it.

  2. Jim Hutchinson Avatar

    Sweet! I was looking for something like this. Thanks for posting it.

  3. […] here: WordPress Plugin: Lock Accounts After Invalid Logins with User … Latest & Greatest Themes from Themeforest.net Glistor WP CMS + PORTFOLIO + BLOG3 […]

  4. Ioanopris09 Avatar
    Ioanopris09

    Great plugin.
    I have 1 question , is there any way of tracking who’s trying to log in ? One of my users got his account blocked twice so far, and is definitely not his mistake.
    Thanks.

    1. Dustin Patterson Avatar

      Yes, Audit Trail is a great way to track login attempts along with tracking other functions of WordPress. http://wordpress.org/extend/plugins/audit-trail/

  5.  Avatar
    Anonymous

    nice plugin for every wp-admin

Leave a Reply