Brute force attacks on WordPress sites are nothing new. No matter how strong your password, you wouldn’t want hackers messing about with your login page. Thanks to DoLogin Security for WordPress, you can stop brute force attacks on your site. It support two-factor authentication. You have the option to maintain a blacklist/whitelist and limit access from certain countries and IP ranges.
This plugin lets you apply lockouts after a certain number of failed entries. You can also change the length of it in the back-end. Google reCAPTCHA, two step SMS authentication, and other security measures can be activated in the back-end. This plugin supports GDPR compliance. It keeps track of login attempts, so you can always read the logs to look for anything suspicious.