What are the Brute Force Login Protection feature options?

A brute-force attack is an attempt by the attacker to discover a password by trying a combination of letters, numbers, and symbols until he discovers the one correct combination that works. If successful, a brute force login attack enables the attacker to hack your account, log in to your site and steal information.

If your site does not require any login protection, you are a good target for a brute-force attack.

Shield's Brute Force Login Protection feature is designed to block brute force hacking attacks against your login and registration pages.

Brute Force Login Protection options explanations

The options available are as follows: 

  • Antibot Detection Engine
    You can use AntiBot Detection Engine to detect Bots.

    AntiBot Detection Engine is ShieldPRO's exclusive bot-detection technology that removes the needs for CAPTCHA and other challenges.
    This feature is designed to replace the CAPTCHA and Bot Protection options.

    Important - Switching on this feature will disable the CAPTCHA and Bot Protection settings.

  • Protection Locations
    You can choose the forms for which bot protection measures will be deployed
    • login form
    • registration form
    • lost password form
    • Checkout-WooCommerce).
      Use with 3rd party systems such as WooCommerce, requires a Pro license.
  • Login Cooldown Period
    Limits login attempts to every X seconds. WordPress will process only 1 account access attempt per number of seconds specified.
  • Bot (GASP) Protection
    Protects WP login from automated login attempts by bots. It adds a dynamically (Javascript) generated checkbox to the login form.
    Adds Google reCAPTCHA or hCAPTCHA to the login screen. You can: use CAPTCHA on the user account forms such as login, register, etc.

    Note: You'll need to setup your CAPTCHA API Keys in 'General' settings first.

    Use of any theme other than "Light Theme", requires a Pro license.
  • Antibot Forms
    Provide DOM selectors to attach AntiBot protection to any form.
  • 3rd-Party Support
    This option helps you to add support for 3rd-party login, register, and password reset forms such as Woocommerce, BuddyPress and Easy Digital Downloads. The 3rd-Party Support feature is enabled by default on Pro sites.

    To learn more about Brute Force Login Protection read our blog article here.