Plugin0 - Build Features & Discover WordPress Plugins with AIBeta
Home Plugins wp login delay
Login Delay Shield logo

Login Delay Shield

by michael.damoiseau on WordPress.org

Login Delay Shield slows down brute-force attacks by adding a configurable delay to failed login attempts while keeping successful logins instant.

(5)
Settings page with delay configuration options.

Settings page with delay configuration options.

WordPress is one of the most widely used content management systems on the internet, making it a frequent target for bots and hackers attempting brute-force attacks.

A brute-force attack works by systematically trying passwords until finding the correct one. Login Delay Shield defends against this by adding a configurable delay after each failed login attempt. Since successful logins are never delayed, legitimate users experience no slowdown. This approach is particularly effective against bots that send thousands of login requests, as each failed attempt forces the attacker to wait before trying the next password.

Features:

  • Login delay — Fixed or random delay on failed login attempts (1-10 seconds)
  • Progressive delay — Delay increases with each consecutive failed attempt from the same IP
  • IP lockout — Temporarily block IP addresses after too many failed attempts
  • Username-aware lockout strategy — Choose IP only or IP + username to reduce false positives on shared networks
  • Login feedback — Shows remaining attempts before lockout and a lockout countdown when blocked
  • IP whitelist — Bypass all security measures for trusted IPs (supports CIDR notation)
  • Email notifications — Receive alerts when failed login thresholds are reached
  • Failed login log — Track all failed attempts with a dashboard widget showing recent activity
  • XML-RPC protection — Apply delays to XML-RPC authentication or block it entirely
  • Log retention — Automatic cleanup of old log entries (configurable retention period)
  • Accessible admin interface — WCAG 2.1 compliant with keyboard navigation and screen reader support
  • Multilingual — Translated into 18 languages including French, German, Spanish, Japanese, Chinese, Arabic, and more
  • Lightweight and compatible with other security plugins

This plugin is not a complete security solution — dedicated security plugins offer more comprehensive protection. However, Login Delay Shield adds an effective layer of defense that works alongside your existing security measures without conflict.

Note: This plugin was formerly known as “WP Login Delay”.

Active installations90+
Weekly downloads
74+184.62%
Version2.1.0
Last updated2/14/2026
WordPress version3.5.1
Tested up to6.9.1
PHP version5.4
Tags
Brute Forcelockoutloginsecurityxmlrpc

Related Plugins

Expire Passwords logo

Expire Passwords

Require certain users to change their passwords on a regular basis.

600+
hideShowPassword logo

hideShowPassword

Toggle password visibility on the WordPress login screen.

600+
Advance Login Style logo

Advance Login Style

Advance Login Style can fully customize your WordPress Login, Register page.

60+