As a webmaster with over 15 years of WordPress experience, I know how frustrating it is to accidentally lock yourself out of your own site. But don‘t worry – I‘m here to help you get back in!
In this guide, I‘ll explain why you may have gotten locked out, and show you two simple methods to unblock limit login attempts in WordPress.
Contents
The Brute Force Threat to WordPress Sites
Installing the Limit Login Attempts Reloaded plugin is one of the best ways to protect your WordPress site. This prevents hackers from using brute force attacks to crack passwords.
But what exactly is a brute force attack?
A brute force attack is when a hacker tries to guess passwords using automated scripts that test thousands of different combinations. According to Wordfence, over 25 million brute force attacks happen across WordPress sites every hour!
Limit Login Attempts Reloaded thwarts this by locking accounts after a certain number of failed logins. But legitimate users can also trigger the lockout by accidentally typing their password wrong too many times.
Mistyping Your Own Password
We‘ve all been there – you changed your password recently or typed it incorrectly by mistake. Before you know it, you surpassed the maximum invalid login threshold and triggered the lockout yourself.
I can‘t tell you how many times this has happened to me over the years! Just last week, I updated my password and then continually got the error message "Your account has been locked due to too many failed login attempts."
Fortunately, there are a couple ways we can quickly unblock limit login attempts…
Method 1: Delete the Plugin Folder Using FTP
The easiest solution is to temporarily disable the plugin by removing its folder using FTP or your hosting control panel‘s file manager.
Step 1) Access the Plugin Folder
Log into your hosting account and navigate to the /wp-content/plugins/
directory. You should see a folder named limit-login-attempts-reloaded
.
Step 2) Select and Delete
Select this folder and delete it.
And that‘s it! Without the plugin active, you‘ll be able to log into your WordPress admin area again.
Just be sure to reinstall Limit Login Attempts Reloaded afterwards to turn your security back on.
Method 2: Reset Failed Attempts with a SQL Query
More experienced users may prefer to run a SQL query in phpMyAdmin to reset the failed login counter.
Step 1) Access phpMyAdmin
Log into your hosting control panel, and click on the "phpMyAdmin" icon under Databases.
Step 2) Select Your Database
Choose your WordPress database if it‘s not already selected.
Step 3) Open the SQL Tab
Click on the SQL tab in phpMyAdmin.
Step 4) Run the Query
Here is the SQL query that will reset the failed login count:
UPDATE wp_options
SET option_value = ‘‘
WHERE option_name = ‘limit_login_lockouts‘
LIMIT 1;
Be sure to replace wp_
with your actual database prefix if different.
Then click Go to execute the query.
Step 5) Check it Worked
You should see a message that the query ran successfully. Now you can log back in to WordPress!
A Note About Security
Whichever method you use to unblock login attempts, don‘t forget to re-enable security afterwards. Limiting login attempts is a WordPress best practice.
As someone who has run WordPress sites for over 15 years, I‘ve seen firsthand how effective plugins like Limit Login Attempts Reloaded are at stopping brute force attacks.
So once you‘re back in your site, take a few minutes to reinstall the plugin and strengthen your passwords. This will help ensure your site stays secure.
I hope this guide helped you quickly regain access to your WordPress admin area! Let me know in the comments if you have any other questions.