The wSecure plugin is a good choice for hardening WordPress admin security to prevent malicious visitors from your login page. The first defense to protect your admin login credentials is creating a unique user name instead of the default login name “admin”.
Using the term “admin” for a user name gives hackers half the info they need to access your WordPress site, so all they have to do is guess the password. Don’t be cute about your password either. Make it difficult to guess, and don’t have a universal password for every online account you own.
People crying in forums about their website being hacked are usually to blame because of poor security strategy. Check out the top 500 worst passwords of all time to see if yours is listed.
Hacking a site is not about a person going to your site and manually trying to gain access. They’re automated with scripts to input millions of user name and password combos without pressing a key. Pick unique names for your user and password to avoid getting hacked.
The culprits are happy to gain entry to a handful of websites and don’t mind if their robot has to try a million to get access to just a few.
Go beyond picking hard to guess user names and passwords. The wSecure plugin free download creates a secret pathway to the admin login page. It’s hard to disguise the fact you have a WordPress based site. Nearly all use the standard login page at [your domain]/wp-admin/, so getting to the login boxes is easy.
The wSecure plugin allows you to easily “disguise” the path with another level of security, so people going to [your domain]/wp-admin/ login page to attempt to gain access are automatically and instantly redirected to your home page. Follow the link in the previous paragraph to learn more about wSecure, and then consider adding the extra level of protection for hardening WordPress admin security.