| Hackers often use brute force attacks to try to gain | | | | letters, upper case letters, numbers and special |
| access to your WordPress administrator. They are | | | | characters. PCTools provides a great online password |
| trying thousands of combinations of your username | | | | generator on their site. |
| and password until they get the right one. WordPress | | | | #3: Installation of Login LockDown |
| doesn't allow you to choose the default admin | | | | Login LockDown allows you to set a threshold for |
| username so they already know half of what they | | | | failed login attempts before a user is blocked. From |
| need. You can, however, easily add the extra security | | | | their WordPress plugin directory description: |
| you need. | | | | Login LockDown records the IP address and |
| #1: Change the admin username | | | | timestamp of every failed login attempt. If more than a |
| The first thing to do is change the default admin | | | | certain number of attempts are detected within a |
| username. First login to your control panel (often | | | | short period of time from the same IP range, then the |
| cPanel) and go to your database editor (normally | | | | login function is disabled for all requests from that |
| phpMyAdmin), select your WordPress database, | | | | range. |
| browse the wp_users table and edit user id 1, this is | | | | The installation process for Login LockDown is like any |
| the original admin user. Pick a username other than | | | | plugin. From the WordPress plugin site download the |
| "admin". This step will already almost eliminate any | | | | .zip file. From the WordPress admin go to Plugins > |
| chance of your login being guessed since most | | | | New > Upload. After you upload the file you'll want |
| hackers will just use admin for the username. | | | | to activate the plugin. At this point you can setup your |
| #2: You need a better password | | | | login rules. |
| You will also want to make sure that you have an | | | | Taking these easy steps will give you a great |
| admin password that can't be guessed. You'll want to | | | | jumpstart on protecting your Joomla site.. You will also |
| have at least 8 characters with a mix of lower case | | | | need a secure WordPress hosting company. |