Today we are happy to announce WPassword update 2.4.0.
This exciting release features the much anticipated new feature to block users which have failed login attempts as well as other updates and improvements.
Let’s dive right in to see what is new and improved in this latest update of our WPassword plugin for WordPress.
Block users with multiple failed login attempts
By default, WordPress allows users to try to log in as many times as they want. This functionality is often exploited – attackers use easily available automated tools to launch dictionary attacks and guess your website’s users’ passwords.
However, now you can prevent this by limiting the number of failed login attempts per user. For example, after 5 failed attempts the plugin locks the user temporarily.
Once a user is blocked, the login attempts for that user are not even sent to WordPress, to limit the resources such attacks use as much as possible.
Locked users can be unlocked automatically after a configurable period of time, or administrators can unlock the users manually. For more detailed information and all the possible configuration options of this feature, refer to blocking user failed logins on WordPress.
Other noteworthy highlights
In this update of the WPassword plugin we have also included the following improvements:
- Automatically generated passwords now match the policies.
- Improved the input validation in backend fields.
- Plugin now uses timestamp() instead of time() so it is aware of the time zone configured in WordPress.
- Refactored script data and styles that were printed manually (now using the function wp_localize_script).
- Reduced the code by deleting duplicate code and merged functionality into a central function instead.
- Improved the “User last active” check – plugin updates this more often for more accurate check for inactive users on WordPress.
- More plugin text, especially text with links is now translatable.
For a complete list of what is new, improved and fixed in this update refer to the WPassword plugin changelog.
Update now to benefit from the new features and improvements
Thanks to your valuable feedback we were able to introduce the new feature that allows you to block failed login attempts and many other notable improvements in this update.
Use the WPassword plugin to configure strong password policies and ensure your team, customers & subscribers don’t jeopardize the security of your WordPress website.