Login Dongle protects your login by means of a security question (AKA challenge/response) as an extra security layer. A bookmark is your login dongle.
How it works
- Go to your standard login page, fill in the form as usual, and click the bookmark.
- A prompt asks the challenge. Fill in the response, and accept.
https://www.youtube.com/watch?v=9zejJewYVi4
Why it works
- Under the hood, the bookmark submits login data, together with the challenge and response.
- If both challenge and response validate on the server, the login process goes on as usual, otherwise it dies.
- The login page stays exactly the same as usual, so attackers won’t know how to guess challenge and response.
- Only you know the response to the challenge, so nobody but you will be able to use the bookmarlet.
- People using your PC won’t be able to login even if your browser fills in the login form with your password.
Login Dongle is compatible with any other login plugin.
For more info, please refer to the FAQ and the user’s instructions you’ll find on the settings page after activating the plugin.
User Guides
- Dutch: http://www.wpsitemaken.nl/login-dongle
- English: http://www.itechdestiny.com/wordpress-security-with-login-dongle-plugin/
- English: http://www.shoutmeloud.com/secure-wordpress-login.html
- French: http://neosting.net/comment-securiser-acces-login-wordpress-2-etapes
- German: https://wordpress.org/support/topic/excellent-plugin-110
- Japanese: http://wp.8jimeyo.info/plugin/login-dongle/
- Turkish: http://hakanertr.wordpress.com/2012/07/24/login-dongle/
Quick Reviews
- http://forum.ait-pro.com/forums/topic/compatibility-question-for-custom-login/
- http://webscripts.softpedia.com/script/Modules/WordPress-Plugins/Login-Dongle-80067.html
- https://wordpress.org/support/topic/plugin-login-dongle-clever-plugin
- http://www.evohosting.co.uk/blog/web-development/wordpress-web-development/6-of-the-best-wordpress-security-plugins/
- http://www.labnol.org/internet/improve-wordpress-security/24639/
- https://www.linkedin.com/groups/Security-suggestions-1482937.S.199139568#commentID_110730071
- http://www.practicalwp.com/login-dongle-login-bookmarklet-for-wordpress/
- http://www.wtfdiary.com/2012/08/8-ways-to-secure-your-wordpress-blog.html
Available translations
- English (Andrea Ercolino)
- Serbian (Borisa Djuraskovic)
- Spanish (Andrea Ercolino)
- Turkish (Hakan Er)
NOTE: Here ‘bookmark’ and ‘bookmarklet’ are used interchangeably.
Uninstall Instructions
- Click the Delete button in the Plugins/Installed Plugins list.
If you manually removed the login-dongle plugin directory, or if your version was prior to 1.4.0, some garbage is left into your database. It’s harmless, but if you still want to clean it up, access the options table and remove all the rows whose option_name column start with login_dongle.
If your version was prior to 1.1.0, edit the wp-login.php file in the root
directory of your blog and remove the line that begins with do_action('login-start');
Banner
From Rusty door, taken by fotologic on August 14, 2010 in Penbryn, Wales, GB.