I have talked already about important steps such as using a secure password and changing your admin user id, but here is another trick that you can use to protect your blog.

I talked about Login Lockdown a couple of weeks ago and some readers did mention that they use that very same plugin. The idea there is to prevent mass attempts to access your admin. But today I was working on a theory to protect my admin logins in various sites and searching around for a plugin.

My theory was to lock the admin screen down to just specific countries. This sounds very obvious, but does not appear to have been written. The nearest I found was WP Login Security.

What this does instead is every time it detects a new IP address being used to logon, it sends you a one time password to your registered email address. Then, you open the email and can gain access to your admin.

This means that even if someone does guess your userid and password, or gets them through keylogging, as long as they are not using a connection you have used, you will get the email notification and they will not be able to logon.

Where’s the downside? Well, it is great if you are using the same IP address most of the time. But, if like me you get a new IP address every time you connect to the internet (which includes when the connection randomly drops), then there will be a huge list of allowed IP addresses and a lot of confirmation emails to click on before access is allowed.

But, it is the price to pay for added security. I still think my idea will work and has mileage. All of the hacking attempts that I have detected have come from abroad, so by locking out foreign acess to my admins I should prevent at least most direct attempts.

Whether I get fed up going through one time passwords every time I want to log on only time will tell. I expect I will! But, in that time, at least my range of blogs are protected and maybe I can code my own plugin!