Most financial institutions and large corporations require you to add security questions to your account to verify your identity. Recently one of our readers asked us if it is possible to add security questions on WordPress to add an extra layer of security.

In this tutorial, we will show you how to add security issues to protect connections on WordPress, registering and resetting passwords.

protection WordPress Blog

Why add security questions to your authentication forms?

There are many ways to protect the WordPress dashboard. However, if you have a multi-user or member's area blog, then it becomes difficult to choose between security and user experience.

Adding a security question to your WordPress site's login screen acts as an additional password. Your users can choose a question from a list of random questions, and then add an answer to that question.

This makes it difficult for hackers to access your dashboard by Brute Force, with combinations of passwords and emails. With that said, let's see how you can easily add security questions to your WordPress site.

Add security issues to improve security on WordPress

The first thing you need to do is install and activate the plugin WP Security Question. For more details see our step by step guide on how to install a WordPress Plugin.

After activating the plugin, you must go to the page " Security Issues "Submenu of" Settings To configure the plugin settings.

Setup WordPress plugin WP Security Issues

You will see a list of security issues already configured. You can add your own security questions by clicking on the button " Add More "(Add more) at the bottom. Alternatively, you can also edit or delete existing questions.

At the bottom of the settings page, you'll find options to enable security issues when signing in, signing up, and recovering passwords.

configuration of WordPress password recovery

Do not forget to click on the button « Save settings To save your changes.

That's all. From now on all users on your site will be prompted to select and answer their security question on the login page.

WordPress login form

Registered users of your WordPress site can visit their profile to select a security question and add their answer.

protection blogpascher login page

Users who don't set a security question will still be able to log in using just their username / email and password.

If you have enabled security questions on the registration page, new users will be able to choose a security question during registration.

This also applies to the case of compromised or forgotten passwords. If a user has forgotten a password, you will be able to block new password requests with the secure password, if the user has previously defined a response in their profile.

You must understand that this is one security measure among many others. You can not just rely on it, but also use it with other protection solutions to your blog.

That's it for this tutorial. Do not hesitate to ask us questions, if you do not understand a point on the tutorial.