But, Do You Know WordPress has less Security. It is easier for Hackers to hack your WordPress Blog. You may have heard some news in the last few years about the number of WordPress blogs hacked.
Now, we come to the point, WordPress blogs are prone to Brute Force attacks due to default username “admin” . Many Newbie users find themselves vulnerable due to this tiny mistake. But, If they change Username, They will be safe?
No, They will still not be safe because of too much Hacking tools available for brute force attacks. Yes, Changing Username will make it hard, but it has still be vulnerable until you find a permanent solution. So, here we will learn How to Secure WordPress Blog from Brute Force Attacks but before doing that we should learn How hackers can find out Usernames of your WordPress Blogs.
Tricks to Find Username of WordPress Blogs:-
1. One way of doing this is by following the below given URL and editing with the Blog Address you want to know the username.
Just Copy & paste this URL, Edit it with Blog Address and Hit Enter. In most Cases you will find out the Username of the Blog. It Will show something like this “http://blogAddress.com/author/username”
We just implemented this method on a blog.We will not disclose the Address of that Blog due to security Reasons. See the Screenshot Below.
Now, what if you want find our Usernames of Multiple Authors (Real Authors, Not Contributors) of a Blog. It is Quite the same thing you need to apply with little changes in it.
2. Second Method is by Trying to Log in using Username. But this can only be done if Hacker has a little knowledge about your username. The Hacker can get Knowledge by trying first method and then, confirm using this one. Below are the Steps which need to be followed.
- Open WordPress blog where you want to check Username Correctness (In this Case, we will Open the same Blog where we tried the above given method).
- Now, Go at Log In Page and Click “Forgot Password”.
- Now, WordPress will Ask for the Username to Enter.
- If you Entered Correct Username, then, A message will be shown on Screen “Email with Link to Change Password has Been Sent to Email Address related to this Username” or Something similar message. If this message shown on Screen, Username You entered is Correct. If it shows any errors, then, Username is incorrect.
Now, these are ways to find out and then, Confirm Usernames in WordPress Blogs.
Note: – This may only Work on Low Security Blogs. So, don’t get shocked if it doesn’t Work.
Motive: – My Main Motive behind Writing this Article is to create Awareness among those users who don’t think they need to change Default username or those who don’t take Security of their Blogs Seriously. So, try this on your Own blogs, if it doesn’t work, then your blog has better security.
How to Protect Against Brute Force Attack?
This can be done using Few Tricks. Below are all those Tricks You can use to save your blog from any brute force attacks.
Method #1 : – Use Strong Password with Mix of Number, Characters and Symbols
This is the main thing you need to care about. Most people will use a small password because Remembering long passwords can be painful for a person who has a short memory. But You need to do this, to increase security of your blog. So, use all kinds of tricks while selecting a password.
- Use Symbols, Characters and Numbers
- Don’t Include Your Name, Date of Birth or any other common detail in your Password.
- Use at least 10 Characters, 5 Numbers, and 5 Symbols because longer password will rarely get broken. (This is only My Advice, you can mix it according to Remembering Capability)