The free plug-in defender enhances the security of the word press site by protecting private passwords, changing mandatory passwords, and other enhancements! Defender protects the site from password disclosure attacks and prevents users from logging in with known corrupted passwords that exist in the Pwned database violation record. Select the user role to enable password authentication. If the password is corrupted, you can force the password to be changed. Should users be forced to reset their passwords? Now, defender’s forced batch password reset can be completed immediately! The
Let’s take a brief look at the new features of defender. This includes: Password mandatory password change by resetting the mandatory batch passwords of all users and the new features to be provided this release (to be added soon), the security game of WordPress website has been further improved. Password Pwned passwords are more than 613million actual passwords exposed due to data leakage. This is not suitable for continuous use because it is more risky to surpass other accounts. Male defender is here to protect your password! The password entered by the user in the default login and registration form will be compared with the database violation records publicly accessed by have I been Pwned to determine. The
If the user enters a password and finds it in the database, the user changes the password. Easy! User passwords are an important part of security and therefore do not leave the site. The password is hashed, and only part of the hashed password is confirmed. To set Pwned passwords, it’s as easy to go from defender’s dashboard to tools>pwned passwords. Here, defender can set this feature by clicking activate. To enhance additional security, just click once. Then determine the user role. This determines the user role to enable password authentication. The
Select roles as needed. You can select or deselect user roles at any time (except administrators who cannot be disabled). After configuration, click save changes to enable all Pwned passwords features. When a user needs to change his password, he cannot access other pages until the password change is completed. They are immediately redirected to the password reset page to change it. Force password change is a part of Pwned password. When Pwned password is active, it will be active by default. The
In addition, if the user tries to add a Pwned password, the system will prompt the user that the password must be changed. In the force password change area, you can customize the message as needed. Add the customized information you want! The login area displays the following message: How does the information look. Once a user enters a user name or email address, it can be changed immediately. After logging in, you can access the normal user role. Of course, it is easier than ever to disable this feature if necessary. Just click disable. It is at the bottom of the screen in the Pwned password area. Also, note that if the user has entered a password, the password is not saved, but a custom message is displayed. The
With this latest addition to defender, you and your users don’t have to worry about using corrupted passwords. This is just one of the many password security features that defender needs to provide. Defender includes 2fa, login protection, firewall, etc. Male force a large number of passwords to be reset for all users and other new functions
