Security of login forms
- This topic has 2 replies, 2 voices, and was last updated 2 years ago by
.
-
Posts
-
-
Hello David
I’m just redesigning my login page a little bit. Doing this, I was wondering how secure the login form should be.
Should I use reCaptcha?
What about brute-force and how to set it enough secure but not annoying for my customers?
And other security aspects?Which plugins/functions do you use on your login page?
And with which parameters are they set up? (like e.g. allowed logins with error only 5 times per 10min)
Thanks for your reply.
Daniel -
I wouldn’t put reCaptcha on there unless a problem arises. In all likelihood, you won’t experience an issue on your login, but reCaptcha has a 100% chance of annoying people when they try to log into your site.
I don’t do anything special with mine. I change the URL using a plug-in called WPS Hide Login, that way they’re not accessing the default WordPress login script.
Throttling their login attempts would be enough to ward off a brute force attack, if you’re worried about that.
-
Thanks David.
Yes, reCaptcha can really be annoying in my eyes too. I always hate to see it, when I login on a website.
Then I would say, everything is already fine with my actual set up. Great! 🙂
-
-
- You must be logged in to reply to this topic.