Most financial institutions and large companies require you to add security questions on your account for identity verification. Recently one of our readers asked if it was possible to add security questions in WordPress to add an additional security layer. In this article, we will show you how to add security questions to WordPress login, registration, and reset password page.
Why Add Security Questions to Login & Registration Forms in WordPress?
There are many ways toΒ protect WordPress admin areaΒ from unauthorized access. However, if you run a multi-user orΒ WordPress membership site, then it becomes difficult to choose between security and user experience.
Adding a security question to your WordPress siteβs login screen acts like an additional password. Your users can choose a question from a list of random questions and then add an answer to that question.
This makes it difficult for hackers to enter a website using compromised password or email address.
Having said that, letβs see how you can easily add security questions to your WordPress site.
If you donβt like the video or need more instructions, then continue reading.
Adding Security Questions to Improve WordPress Login Security
First thing you need to do is install and activate theΒ WP Security QuestionΒ plugin. For more details, see our step by step guide onΒ how to install a WordPress plugin.
Upon activation, you need to visitΒ Settings Β» Security QuestionsΒ page to configure the plugin settings.
You will see a list of security questions already setup. You can add your own security questions by clicking on the βAdd moreβ button at the bottom. Alternatively you can also edit or remove the existing questions.
At the bottom of the settings pages, you will find the options to enable security questions on login, registration, and lost password pages.
Donβt forget to click on the save settings button to store your changes.
Thatβs all. From now on all users on your site will be asked to select and answer their security question on the login page.
Your WordPress siteβs registered users can visit theirΒ ProfileΒ page to select a security question and add their answer to it.
Users who do not set a security question will still be able to login by just using their username/email and password.
If you enabled security questions on registration page, then new users will be able to select a security question during registration.
Enabling security question on forgot password page will ask users to answer their security question to get the password reset email.
If a userβs email address is compromised, then this would stop someone from gaining access byΒ resetting password.
At Pluginthemehub, we use Sucuri to protect our website from malicious attacks and login attempts. Sucuri is a web security company that offers website monitoring and firewall services.
SeeΒ how Sucuri helped us block 450,000 WordPress attacks in 3 months.
We hope this article helped you learn how to add security questions to your WordPress login screen. You may also want to see our guide onΒ how and why you should limit login attempts in WordPress.
If you liked this article, then please subscribe to ourΒ YouTube ChannelΒ for WordPress video tutorials. You can also find us onΒ TwitterΒ andΒ Facebook.