When it comes to WordPress security, there are plenty of ways you can harden your WordPress security e.g. using good WordPress hosting, using a security plugin, log out idle users, avoiding nulled plugins etc. They are the common ones. However, hardening WordPress login page especially is quite a bit unknown to most of the WordPress beginners.
Have you ever wondered to add a security question to your WordPress login page? Well, this will provide an extra layer of security to your website login page.
You probably saw that most of the financial and educational websites ask to set your personal security question and answer during the registration. It’s because to verify the user identity to check whether the person is real or fake. It also prevents brute force attack.
The same you can add to your WordPress site easily. In this article, we will show you how you can add security question option to your WordPress login page to improve your security.
Why Add a Security Question to Your Login Page
If you are running a multi-author WordPress blog where many users usually register and login using your login page, it can be targeted by the hackers and can run brute force attacks.
You might check out a lot of times about the brute force attack which is essentially carried out on the login page. In short, hackers run brute force attacks on website login page by using automated tools to generate an unlimited number of username and passwords.
If you or your users are using a simple password that is easy to guess, then the account can be hacked easily.
By adding a security question, users who try to login will require their answer they have set during the registration. This way it will add an extra layer of security to your login page.
That’s the reason you need to include a security question. Including a security question will imitate like another password.
How to Add Security Question to Your WordPress Login Page
To add a security question on your WordPress login page, all you need to install and activate WP Security Questions plugin.
Once activated, go to WP Security Questions> Plugin Settings from your WordPress dashboard.
From there, you can add or remove security question.
By default, the plugin comes with pre-added questions that you can choose. If you want to add or remove any question from the list, just click on remove or add button.
Next, go to the bottom of this page and check where you want to enable security question.
Login Screen: This will add a security question to your WordPress login page.
Register Screen: This will add a security question to your WordPress registration page.
Forgot Password Screen: This will add a security question to your WordPress forgot password screen page.
Once done, click on Save Changes.
Now go to your WordPress registration page and check whether the question option is working.
Here’s how it looks like:
Note: After installing this plugin, only new users can set their own security question and answer.
To manually set a security question and answer to a registered user, go to Users> Your Profile and at the bottom, you can see an option “My Security Questions” and set your question.
Similarly, you can set a security question or answer from their profile section or you can notify them to set it from their end.
That’s it. This is how you can easily add security questions to your WordPress login page.
By adding security questions to your WordPress login page, you can significantly improve your website security. If you are already using a WordPress security plugin, then this plugin together will take your site security to the next level.
We hope this tutorial helped you to add security questions to your WordPress login page. If you have any question, do let us know in the comment section.