Limit Login Attempts Reloaded – Login Security, 2FA, Brute Force Protection & Firewall
Block excessive login attempts and protect your site against brute force attacks. Simple, yet powerful tools to improve site performance.
4.9(1,446 reviews)
·2.0M+ active installs·Updated 1 week agoAs of April 2026, Limit Login Attempts Reloaded is a WordPress 2FA plugin with 2.0M+ active installations and a 4.9/5 rating from 1,446 reviews. It has been downloaded 82M+ times in total. Requires WordPress 3.0+ and PHP false+. Available on WordPress.org since 2016. Actively maintained — updated within the last month. Downloads are down 84% this week. Support resolution rate: 40%. Top alternative: Wordfence Security – Firewall, Malware….
4.9/51,446 reviews
2.0M+active installs
40%resolved
10 yearssince 2016
Overview
Limit Login Attempts Reloaded functions as a robust deterrent against brute force attacks, bolstering your website’s security measures and optimizing its performance. It achieves this by restricting the number of login attempts allowed. This applies not only to the standard login method, but also to XMLRPC, Woocommerce, and custom login pages. With more than 2.5 million active users, this plugin fulfills all your login security requirements.
The plugin functions by automatically preventing further attempts from a particular Internet Protocol (IP) address and/or username once a predetermined limit of retries has been surpassed. This significantly weakens the effectiveness of brute force attacks on your website.
By default, WordPress permits an unlimited number of login attempts, posi…
Screenshots
Ratings & Reviews
4.91,446 reviews
5 ★
1,368
4 ★
28
3 ★
6
2 ★
10
1 ★
34
Recent Reviews
Good Security Help
by roseday·5 days ago·1 reply
Does a good job of limiting login tries. Helps reduce spam logins and brute force attempts. The setup was simple and is running fine. Could be a bit more flexible, but still useful 👍
Very very effective. You can even see where the IP address trying to hack you
by marenmaren·6 days ago
This plugin is first effective in blocking (limiting) login attempts from hackers. Second, it even shows you the IP address with its location.
Skydd mot attacker
by huno1943wor0816·1 week ago
En utmärkt hjälp föratt skydda min hemsida mot attacker
Essential for all my wordpress sites
by carlos6623·1 week ago
This plugin has protected me from many attacks, and arned me just it time. Essential for all my wordpress sites.
Best Security Solution
by otohaharuka·2 weeks ago
Because WordPress cannot run as a standalone application, security measures are essential.
The fact that a feature that detects and alerts users via email about irregular unauthorized access from overseas is available for free is extremely helpful.
Of course, it goes without saying that 2FA should be used in conjunction with this feature, but since 2FA alone doesn’t guarantee security, I think this plugin should be installed.
Download Trends
Today: 17KYesterday: 21KThis week: 338KPeriod total: 15.8M
Compatibility
| WordPress | 3.0+ requiredTested up to 6.9.4 |
| PHP | false+ required |
Version Adoption
v3.0
42.0%
v2.26
39.7%
v2.25
9.5%
Other
8.9%
Top Alternatives to Limit Login Attempts Reloaded – Login…
Frequently Asked Questions
Changelog
3.0.2
- Hardened admin tab parameter (whitelist, strict checks) before loading tab views.
- Onboarding: redirect to Dashboard when setup is incomplete and a tab other than Dashboard is opened.
- Failed-login email subject: numbered placeholders for translation-friendly word order (e.g. for Dutch).
- Onboarding popup: hide body scroll while open, restore on close; focus modal content.
Contributors
Plugin data sourced from WordPress.org. Analysis and metrics by PluginSift.