Do you know that blogs that are created using Wordpress have a certain weakness?
The weakness is that Wordpress software allows unlimited attempts in trying to sign in.

This raises a security concern as hackers can try to hack your Wordpress ID as many times as he likes until the password is cracked.

Hopefully, Wordpress can address this weakness in their future version.

As for now, I have found a plugin that can help in preventing the hacker from trying to login as many times as he wishes.

The plugin is known as Login LockDown.

It will records the IP address and timestamp of every failed login attempt.. If more than a
certain number of attempts are detected within a short period of time from the same
IP range, then the login function is disabled for all requests from that range.

This helps to prevent brute force password discovery. Currently the plugin defaults
to a 1 hour lock out of an IP block after 3 failed login attempts within 5 minutes.

However you can change this default settings if you desire by going to the Setting->Login LockDown.

loginlockdown01 Wordpress blog does not block multiple ID attempts.

You can get the plugin here, .
http://www.bad-neighborhood.com/login-lockdown.html

Cheers Grin

Interesting articles:

review-of-atomic-blogging-3.0

link-that-open-in-new-tab-or-window

check-your-blog-posting-in-google

risk-with-wordpress-id

free-photos-for-your-blog

Reblog this post [with Zemanta]
Share and Enjoy:
  • Digg
  • Sphinn
  • del.icio.us
  • Facebook
  • Mixx
  • Google Bookmarks

Like this post? Subscribe to my RSS feed and get loads more!