Our free plugin, Defender, beefs up your WordPress site’s security with Pwned password protection, force password change, and other enhanced features!
Defender will secure your site against password leak attacks and block logins from users entering known compromised passwords that exist in Pwned database breach records.
You can choose the user roles for who you want to enable password checks and force a password change if a password is compromised.
Let’s take a quick look around at what’s new with Defender! They include:
- Pwned Passwords
- Force Password Change
- Force Bulk Password Reset for All Users and Other New Features Coming Soon
With this release (and more coming soon), your WordPress site’s security game just got better.
Have I Been Pwned.
If a password is entered by a user and that password is found in the database, well, it will make them change it. Simple as that!
User passwords never leave the site, because it’s an important part of security. Passwords are hashed and only a part of hashed passwords are being checked.
To get set up with Pwned Passwords, it’s as easy as going to Tools > Pwned Passwords. Once here, Defender can get this feature set up by clicking Activate.
Then, you determine User Roles. This will decide the user roles you want to enable pwned password checks for.
Choose as many roles as you’d like.
You can select or deselect user roles at any time (except for Administrator, which can’t be disabled). Just be sure to click Save Changes once configured, then your Pwned Passwords feature is all set.
2FA, Login Protection, Firewall — and much more!
Smush. Soon, Defender will exclude images that have been optimized by Smush from Malware Scanning reports.
Plus, you’ll be able to deactivate Malware Scanning when all scan options are unselected.
And, coming soon Defender will also have a ReCaptcha feature.
The Best Defense Doesn’t Stop There…
Defender is constantly beefing up his security. These new updates are just an inkling of what’s to come, thanks to his awesome team of developers. You can always check out our Roadmap to see what’s on the horizon.
If you’re not using Defender yet, you’re missing out on the security protection that we just talked about. Plus he includes 404 Detection, Geolocation IP Lockout, ability to disable trackbacks & pinbacks, Core and Server Update Recommendations, and other features. All for free!
For a detailed look, be sure to read our article on getting the most out of Defender security.
Source: wpmudev.com