Siliconhose Brute force attacks is a method used to stealing the personal information such as username, password, personal identification number and also Card details .
Make the password strong :
We can prevent this attack by setting the strong password for your personal details. The password should be certain length with mixing of alphabets with upper and lower case, special case letter and numbers. By remebering the password we can use the keypass, sticky password , dashlane and lastpass etc
Modifying .htaccess file:
Adding a few rules in .htaccess file can further harden the security of your WordPress site. Objective is to allow access to wp-admin to only specific IP addresses listed in .htaccess file.
Limited number of login attempts :
Mainly consider putting a time limit on the block. Since many brute force attacks will happen in a short space of time, a temporary lockout may be all that’s needed. Set the login attempts maximum of 5, and if the login attempts is high, we have to set the forwarder to our gmail or number.
You can use multiple factors to authenticate identity and grant access to accounts.
Captcha—tools like reCAPTCHA require users to complete simple tasks to log into a system. Users can easily complete these tasks while brute force tools cannot.
Cloudflare is a renowned service for WordPress that usually deals with CDN and caching. It also offers a protective shield against Brute Force Attacks. Through Cloudflare settings, user can set rules for accessing login pages and set Browser Integrity Check.
you can lock accounts after several failed login attempts and then unlock it as the administrator.
Trick the system
Another possible diversionary tactic is to switch things up in order to confuse the attacker (or rather the software being used). For example, some bots are trained to recognize errors, but you could use redirects to different failure pages for simultaneous failed login attempts.
Unique login URLs
Because there aren’t really any concrete options for blocking brute force attempts, it’s wise to implement multiple strategies of defense. Some of these could simply involve diversionary tactics. One such method is to provide different URLs for users to login from.
Use long password :
Instead of using the small passwords even the password contain all the numerical words, upper and lower case letter, use the long password, which is prevent the attack