By default, WordPress allows unlimited number of login attempts and this can be a little dangerous as passwords can be cracked by trial and error method.
Here’s how you can limit login attempts to your WP admin dashboard easily by just using a plugin.
#1 Download, install and activate Limit Login Attempts plugin
The plugin is created by Johan Eenfeldt.
#2 Once the plugin is activated, head over to Settings >> Limit Login Attempts
The above is what you will see.
- Under Total lockouts, it shows the records of the lockouts if there is any
- Under Lockout, here you can specify the number of allowed retries, set the lockout duration, set the max number of lockouts and the max amount of time locked out if the max number of lockouts is reached and set the duration of hours until retries are reset
- Under Site connection, you can select direct connection or from behind a reversy proxy
- Under Handle cooking login, you can check yes or no
- Under Notify on lockout, you can select Log IP or Email to admin after a number of lockouts
Once you have made the changes, click Change Options and the login attempts to your WP admin dashboard is now limited.