How to turn on/off the WordPress Security Admin

The WordPress Security Admin is powerful security layer that restricts access to the Shield Security plugin itself preventing unauthorized changes to your security settings.

This feature is solely designed to prevent other admins on your site from tampering with settings they don't understand, or, if an admin account is compromised, to make it harder to switch off security restrictions.

How to turn on the Security Admin

The Security Admin is disabled by default. To turn it on, simply supply a Security Admin PIN into "Supply/Confirm Password" field.

Once you've done that, use the Security Admin Timeout option to specify an automatic timeout interval for Security Admin access:

Security PIN is a password that you create. It can be anything you want. You must remember it as if you do not, you will not be able to access the settings of the plugin. 

Please note that, if you do not enter the security PIN, the option will not be enabled.

How to turn off the Security Admin

To turn off Security Admin you must be authenticated with the plugin first (you have to provide your security PIN). 

Once you've done this, you can use Disable Security Admin option detailed here

Important: If you happen to have lost or forgotten your PIN, follow the guide outlined in this article here.

Note: You can also use the Persistent Security Admins option to specify/whitelist security admins that do not need to authenticate with the security PIN.