Login Lockdown promises to protect your blog from hackers trying to attack your blog with brute force. Sounds good, but it is easily broken. What is the alternative?

If a hacker wants to try to access your blog they might simply try guessing your password by running a program that tries millions of different password combinations. This is a brute force attack and if the hacker is determined enough, they will guess the password in the end.

Login Lockdown promised to stop these attacks very simply by stopping the login form from working after a number of login attempts, that you decide. If a single IP address is involved in too many failed logins in a short time, then they cannot try again for an hour. This would mean that hackers would either need to come back later or all of their attempts would then be ignored.

However, whilst the theory is good, in practice I was able to easily defeat Login Lockdown on my own WordPress blogs. I could purposely fail to login, get the message and then immediately login. Whether it is something in my set-up or poor testing, I don’t know.

So, as an alternative to Login Lockdown I looked around and instead found Limit Login Attempts. It is the same idea, but this time all of my crude testing attempts to beat it failed. Once I was told I was locked out I really was.

Limit Login Attempts gives a few more options, which I like. You can lock down your admin from login attempts from an IP address after a set number of failures, and you determine the lock down period, e.g. an hour. Further, if the person gets locked out again, you can extend the lock down period, e.g. 24 hours, meaning hacking attempts should take forever!

If you aren’t using it already, Limit Login Attempts is not only a good alternative to Login Lockdown, but actually the tool that I would recommend as the first choice.

Digg This
Reddit This
Stumble Now!
Buzz This
Vote on DZone
Share on Facebook
Bookmark this on Delicious
Kick It on DotNetKicks.com
Shout it
Share on LinkedIn
Bookmark this on Technorati
Post on Twitter
Google Buzz (aka. Google Reader)

If you want to keep up with our latest posts, just follow us on our RSS feed, join our weekly newsletter or follow us over at Twitter. Please do join in - it is totally free and only the best posts are passed to you!

Also, leave a comment below. We are a 'DoFollow' blog, so it is well worth your time. Thanks for calling in.

Similar Articles You Might Like To Read:
    Limit Login Attempts – better than Login Lockdown! After a little bit of research, I have removed Login Lockdown and instead installed Limit Login Attempts. After trying them...
    Limit Login Attempts And Lock Out Hackers One way hackers will try to hack into a target website is by running a program that tries thousands of...
    Locking Down Your WordPress Admin Login If someone is going to attempt to attack your blog through brute force, a good password and an unusual admin...
    Protecting WordPress From Brute Force Hackers So, what can we do to protect out blogs from brute force attacks, where hackers just spend ages trying out...
    Login Lockdown Does Not Always Work! I do not know quite what made me do it, but I went to the admin logon screen of one...
    Locking Lockdown – does it actually work? It was, until recently, one of the plugins that I listed on by top 5 plugins. However, after some playing...
    Securing WordPress – 7 Essential Security Steps For Every Blog Preventing hackers and other unwelcome people from accessing your blog is essential. But WordPress, if not correctly used, can be...
    Protecting Your Admin I have talked already about important steps such as using a secure password and changing your admin user id, but...
    My Five Must-Have WordPress Plugins We all have different plugins that we cannot live without and I certainly have a collection of 5 very important...
    Alternative Ways to Get Traffic to Your Blog Fed up with the difficult and expensive methods of driving traffic to your blog? Do you want some alternative methods...