Sometimes the tools that we use to keep our businesses safe do too good of a job. Maybe this hasn’t happened to you, but I’ve definitely been locked out of a WordPress website or two because I entered the wrong password one too many times.
How does that even happen?
Whether it’s not realizing your caps lock is on, not saving the new password you set to your password manager or convincing yourself that you’re close to the right password, it’s possible to mess up when logging in to your website. And if you’re using a plugin or service that limits the number of login attempts, you might find yourself blocked from your own website for 1 hour, 12 hours or even 24 hours. Eeek!
These limits are set by the plugin or service that you’re using, so it’s a good idea to make sure you know the parameters for your own security systems. I typically recommend 12-24 hours for login limiting tools to keep the hackers away long enough that they will likely move on to a new target.
But what if you can’t wait a day before logging back in?
There’s good news + bad news. The good news is that there are ways around these login limit tools. The bad news is that if you’re locked out already, you may not have implemented what I’m about to suggest. Keep reading to find out.
If you’re a solopreneur, I want you to have 2 logins to your own WordPress website. The primary one that you use often + a secondary (aka backup) login that you use for moments like this.
It doesn’t matter if you’ve made a few fat-fingered login attempts or if your specific account has been hacked + the password changed, having a secondary login will prevent you from being blocked from your dashboard completely. This secondary account should be tied to a personal email address (or a backup gmail email address) + have a secure password saved to a password vault.
For anyone currently locked out of your site, this tip isn’t helpful. But maybe someone on your team has a login + can sign in to whitelist your IP address or your username. This is why it’s essential to have at least 2 administrator accounts on your WordPress website — whether they both belong to you or not.
If having another login isn’t an option to you right now, I have two more suggestions for you that don’t involve simply waiting for the timer to run out on your site ban.
Go to a coffee shop.
I’m not telling you to take a break from work. Clearly you need to get into your site or you wouldn’t be stressing about this. I’m telling you to switch up where you are getting internet from.
Shit’s about to get real nerdy, so hold on…
Most login limiting tools use IP Addresses to block suspicious activity. When you tried one too many times to log into your site with the wrong details, your WordPress site blocked your IP address (most likely.)
By going to a coffee shop (or using your cell service to connect to the internet), you are changing your IP address. This location change could be the ticket to buying yourself more attempts at logging in.
Ask the geek squad.
The last option you have is to reach out to tech support if your hosting service is the one applying the login limits. Usually they’ll want you to prove that you are the one paying for the account. As long as you do that, they can get you back to editing your site content in minutes.
Go ahead + create that second administrator account if you haven’t already. As long as the username + password are secure, you can simply “set it + forget it” so to speak. You can thank me later.