Password Policy Manager, A WordPress Plugin, recently introduces their new update with new features (v2.4.0)
This exciting update includes the long-awaited new feature of blocking users who have made multiple failed login attempts, as well as other improvements and updates.
WordPress allows users to log in as many times as they like by default. This feature is often abused, with attackers using readily available automated tools to perform dictionary attacks and guess the passwords of your website’s users.
You can now avoid this by setting a limit on the number of failed login attempts per account. For example – After 5 unsuccessful attempts, the plugin locks the user temporarily.
Once a user has been blocked, the user’s login attempts are not sent to WordPress, limiting the resources that such attacks consume as much as possible.
Users that have been locked can be unlocked automatically after a certain period of time, or administrators can unlock them manually.
We are happy to announce Password Policy Manager #plugin update 2.4.0.— WP White Security (@wpwhitesecurity) March 31, 2021
This exciting release features the much anticipated new feature to block users which have failed login attempts as well as other updates and improvements.
See what's new & improved.https://t.co/T9rJrM15bU
They’ve also included the following changes in this update of the Password Policy Manager plugin:
- Passwords created automatically now fit the policies.
- Input validation in backend fields has been improved.
- The plugin now uses timestamp() rather than time() to keep track of the time zone set in WordPress.