How To Add A Security Question To WordPress Login Page
April 11th, 2017 | by Ravi Chahar || 10 Comments |
Every now and then people are afraid of their websites’ security. It’s natural because many websites get hacked every year.
Have you ever thought to add a security question to WordPress login page? Well, this is one of the security layers you can add to your WordPress website.
For WordPress beginners, it’s a challenge to harden their website security. They try seeking for the right resources but fail.
You can use two-factor authentication, password protect your WordPress admin directory, disable directory browsing and more.
In this tutorial, you will learn to add a security question to WordPress login page.
Why Do You Need To Add A Security Question
There are many websites with multiple users which can be targetted by the hackers due to the vulnerabilities. If you have a single user website then it’s more important.
You may not have taken enough security actions. You may read many times about the brute force attack which are basically implemented on the login page.
Whenever you add a security plugin, you can easily see the number of fake login attempts.
That’s the reason you should add an extra layer of security. Adding a security question will act like another password.
If you want to add more users then it will help you all.
Start Adding The Security Question To Different Pages
The best thing about using WordPress is its plugins. To accomplish this task too, you have to use a security question plugin.
Install and activate WP Security Question plugin.
After installation, you will see a new option (WP Security Questions) in the WordPress admin panel. Open its settings and you will see the list of question you can use.
If you scroll down, you will see an option to add more questions. This is great because you can add your own security question.
And it’s always recommended to use a custom question so that only you can have access to your WordPress website.
Just below it, you will see a few more options to choose the page at which you want to enable the security question.
On the login page, registration page, and password change page. The choice is yours whether you want it only on the login page or on all.
Don’t forget to save the settings.
For every user, you can easily set your own question by navigating to Users>>Your Profile and scroll down.
You will see “My security question”. Choose your question and enter the answer. Save the settings and you’re done.
Whenever you or anyone else will try to open the WordPress login page, an extra field asking the security question will also appear.
Along with the question, fill your answer and login to your admin panel. If you have used it for your password change page then it will appear there too.
Though it’s recommended to remove password lost link from your WordPress login page for security concerns but still if you keep it then don’t forget to add a security question.
Depending on your settings, the question box will appear along with all the login fields.
Congrats, you have successfully added another security to your website.
Can You Now Add A Security Question To WordPress login Page
Most of the beginners fret a lot which they shouldn’t. You can’t learn until you try. Using a WordPress plugin is easy and the plugin configuration isn’t hard as it seems.
All the options mentioned in the list are the most common questions you can easily see at any membership website. Many e-commerce websites have also enabled it.
I hope it was not hard to add a security question to WordPress login page. If you still have any doubt, feel free to drop a comment.
You can also connect with us on Twitter, LinkedIn, and Facebook.
Having an extra security level is necessary now. Like you mentioned sites are getting hacked so you have to do all you can to protect yours.
I didn’t know there was a plugin to allow you to do this with ease. So know there’s really no excuse why bloggers can’t take their security to the next level.
Most of the bloggers think that WordPress is a complicated platform which requires experts to do these common tasks. Adding a security question isn’t a hard thing.
Just the simple use of a plugin and you’re done. One more security layer will get added.
I am glad that you understand the importance of security.
Thanks for sharing your thoughts.
I am always looking for ways to harden my WordPress blog. Most people don’t think about security until it’s too late. As bloggers, it’s important to take steps to protect our online asset.
I had no clue that you could add a security question to your blog. It’s amazing, there’s virtually a plugin for practically anything you can think of on WordPress.
It still amazes me that someone would even consider starting a blog on a free platform. A self-hosted blog gives you so much freedom to do anything.
I’ll definitely have to check out the WP Security Question plugin. Thanks for sharing this information, I know it’s going to help people secure their WordPress sites so they can feel more secure.
Have a great day 🙂
WordPress is a way more explored than people think. Starting a blog on the free platform can’t give you enough control. You can’t add such security layers.
The best thing is the plugins listed in the WordPress repository. You would love this plugin too.
Thanks for taking the time to share your words.
Superb stuff, Ravi. And on a related note, i’ve always wondered how to add a simple question to the registration page without a plugin. Is that even possible?
It seems that modifying said pages (login/registrations) always require plugin assistance (at least from my perspective, since im not a developer). Sometimes I feel this is a shame, as I don’t want to have yet another plugin for that one single purpose.
In any case, this is a nice plugin you suggested, and quite a good alternative to standard CAPTCHAs and related methods.
You can alter the WordPres login page with codes but may block the JS and CSS which will directly show an error in the Google Search Console. There are a few things which should be done using the plugins only.
You wouldn’t want to mess things up. If you don’t want to use this plugin then there are many alternatives to secure your login page. You can password protected the wp-admin directory.
Thanks for stopping by.
Ah, i hadn’t quite thought about password-protecting the actual directory.
Thanks a lot Ravi, im loving your technical posts.
Is it possible to do this without installing WP security question plugin? Adding more plugins will make the site more vulnerable?
As I have told Elvis, adding a security question is possible with a plugin for now. But you can do other things to add the security layers. You can add two-factor authentication without a plugin and with a plugin.
You can restrict the email login and a few other things.
That’s superbly nice addition I can have on my login page!
I know this is the most-needed function and I am glad you covered this sensitive topic as you know, the security is the mess in these days.
Everyone turning towards blogging but having no prior attention to securing their sites which is already the mess…
So, I thank you for this one! 🙂