How to protect wordpress from hacking user accounts?

B

blabs2016-04-21 21:36:07

CMS

blabs, 2016-04-21 21:36:07

Created a service based on wordpress. Periodically, users of the service complain that their accounts are hacked. How can users be protected from such hacks?

Reply

Answer the question

In order to leave comments, you need to log in

3 answer(s)

N

Ninja Mate, 2016-04-21
@victorzadorozhnyy

https://wordpress.org/plugins/wordfence/ block after 3 attempts of incorrect input for 20 minutes, the second time for a day and immediately for a day if the username is not correct (this is optional)
captcha be sure
to enter the login panel transfer
the password strength check when registering and when changing the
alert, set up when you try to enter the password 3 times for soap
from the more radical ones, you can send the token via SMS to the entrance or set up the entrance via the social network (they are more difficult to hack at times)

S

Sanes, 2016-04-21
@Sanes

Take away their computers. Well, or make authorization by SMS.

X

xmoonlight, 2016-04-21
@xmoonlight

Issue an authorization token for specific server or client parameters (subnet, browser, domain, url, etc.).
Initiating token - send via e-mail.