3. Add two-factor authentication

Even should you’re not utilizing ‘admin’ and have a robust, randomly generated password, brute-force assaults can nonetheless be a drawback. Don’t fear although, two-factor authentication may help defend your website.

The precept is that, somewhat than simply coming into your login particulars, you additionally want to substantiate that you simply’re you by coming into a one-time code from one other system you personal (normally by way of an app in your cellphone). That’s a lot tougher for attackers to faux!

Two widespread plugins for dealing with authentification in WordPress are the Google Authenticator and Rublon Plugin (which takes a barely completely different method). Simply just be sure you don’t lose your backup codes, otherwise you may end up locked out.