Do not use admin as your username
- Go to Users> Add New
- Give the user a unique name that is difficult to guess (you can change what the name appears as on the blog later)
- Make sure the user is added as an administrator
- Enter a secure password
- Delete your old admin login
Activate the Akismet extension to prevent spam
Add two-step verification
There are several ways to do this for your WordPress blog but I thought I would mention two simple ones.
Choose to log in with your wordpress.com account and put two-step verification on it
- Install and activate the Jetpack plugin if you have not already done so (it is a plugin created by WordPress with lots of great features that make your blog better).
- Go to Jetpack> Settings in the admin panel of your blog
- Click the security tab
- Click in Simple login and press the arrow and select require two-step authentication
- Download and install the Functionality extension or, if you use a child theme, open your functions.php file in your favorite text editor (always make a copy first).
- Above the?> Tag paste the following snippet of code to hide the standard login form so the only way to log in is through wordpress.com with two-step verification.
add_filter (‘jetpack_remove_login_form’, ‘__return_true’);
Use the Unloq.io extension
unloq.io is a free service similar to Clef where you get a user, download the app, install Unloq on your blog and then use the app to verify your logins.
You can choose to have both Unloq and a regular login password or let Unloq completely replace your login. If you lose your mobile, you can still log in with a temporary password that is sent to the email that you registered in the app.
Always update WordPress, themes, and all your plugins
A big reason why the WordPress installation, plugins and themes need to be updated so often is that new security holes are discovered and must be covered again.
Therefore, it is important that you always make sure that your entire page is updated – both WordPress and themes and extensions.
A good way to ensure that you can always update your theme even if you have made your own changes and additions is to use a child theme that I wrote about earlier.
Install the All in One WP Security & Firewall extension
This security supplement is the one that has superb reviews. Install the All in one WP Security & Firewall extension today for increased WordPress security.