How To Turn On/Off the WordPress Security Admin System

The Security Admin system is a powerful security layer that restricts access to the Shield Security plugin, preventing unauthorized changes to your security settings. This feature is designed to stop other admins on your site from altering settings they don’t understand, or, if an admin account is compromised, to make it harder to switch off security restrictions.

How To Turn On the Security Admin

The Security Admin system is disabled by default. To turn it on, go to the Security Zones section > Security Admin > Security Admin Protection, and enter a Security Admin PIN in the "Security Admin PIN" field.

Once you've done that, use the Security Admin Timeout option to specify an automatic timeout interval for Security Admin access. (see screenshot below)

Security Admin PIN & Timeout

Important Points

1. The Security PIN is a password that you create. It can be anything you want.
2. If you do not enter a Security PIN, the system will not be enabled.
3. You must remember the Security PIN; if you forget it, you will not be able to access the plugin's settings.

How To Turn Off the Security Admin

To turn it off, please follow these steps here.

What If I Forget My Security Admin PIN?

If you happen to have lost or forgotten your PIN, please follow the guide outlined in this article here.

Note: You can also use the Persistent Security Admins option to specify/whitelist security admins that do not need to authenticate with the security PIN.

For more background on the Security Admin system, read our blog article here.