Failed Log-In Attempts
-
I have been receiving emails all day about failed login attempts from various IP addresses. Does this mean someone is trying to hack my website? What should I do to stop these attempts?
I don’t have a site linked to this WordPress.com account
-
Hey hi hello!
Firstly, can you share the URL of the website related to the failed login attempts? This way, I can check if it’s a website hosted with WordPress.com!
In the event that WordPress.com is the host, I suggest changing your email password, and then also improving your WordPress account security through the following:
1. Changing your password immediately
The link above details how to change a WordPress.com account password. Regardless of where the website is hosted, this step should be taken for the related account.
If the account uses a password that’s also being used at another place, then the password elsewhere should be changed.
Side note, sometimes, passwords are acquired through data breaches in other networks/services. To check if an email’s password has been involved in a data breach, you can enter the email address here: https://haveibeenpwned.com/
This website references a list of websites that have been hacked or had email info stolen, and then tells you if your email address is on the list.
2. Enabling two-factor authentication
This link has instructions on how to enable two-factor authentication for a WordPress.com account. With this, unauthorized people will not be able to access the account even if they somehow have the right password. Tangentially, I personally recommend activating this wherever you comfortably can.
I hope this helps!
- The topic ‘Failed Log-In Attempts’ is closed to new replies.
WordPress.com Forums 