Here’s what you can do:
- Wait for the Lockout Duration to Expire: Usually, the lockout is temporary, and after a specific time, you can attempt to log in again. The duration of the lockout varies based on the security settings implemented on the website.
- Reset Password: If you forgot your password, utilize the “Lost your password?” link on the login page to reset your password via your email address.
- Access via a Different IP Address: Sometimes, accessing the login page via a different IP address allows you to bypass the restriction.
If you have access to the hosting or FTP:
- Disable the Security Plugin: If you have access to the file system (via FTP/SFTP or File Manager in cPanel), you can temporarily disable the security plugin causing the lockout by renaming the plugin’s folder located in
wp-content/plugins/.For example, if the security plugin’s name is
wordfence, rename the
- Access phpMyAdmin: If you have access to the database via phpMyAdmin, you can manually unlock your user account or change the password from the users table.
For Website Administrators:
- Check the Security Plugin Settings: If you have another administrator account or if you can still access the WordPress Dashboard, check the security plugin settings and see if you can unblock the IP address or user account, or adjust the settings related to login attempts.
- Contact Hosting Provider: If you are unable to resolve the issue yourself, contacting your hosting provider can be helpful, as they may be able to assist you in regaining access.
- Implement CAPTCHA: Implementing a CAPTCHA on the login page can help in preventing bots from making brute force attempts.
- Limit Login Attempts: Configure the security plugin to limit the number of login attempts and lock out users after a certain number of failed attempts.
- Whitelist Trusted IP Addresses: If possible, whitelist your IP address in the security settings so that you are not locked out.
The error message “WordPress Error: Too many failed login attempts. Please try again” means that you have tried to log in to your WordPress website too many times with the wrong password. This security feature is in place to prevent hackers from gaining access to your site using a brute-force attack.
There are a few things you can do to fix this error:
- Wait for the lockout period to expire. The lockout period is the amount of time you have to wait before you can try to log in again after too many failed attempts. The default lockout period in WordPress is 15 minutes.
- Reset your password. If you can’t log in to your WordPress website, you can reset your password using the “Lost your password?” link on the login page. This will send you a link to reset your password to your email address.
- Disable the Limit Login Attempts plugin. If you are using a Limit Login Attempts plugin, you can temporarily disable it to regain access to your website. Once you ar
ere are some additional tips for preventing too many failed login attempts:
- Use a strong password manager to create and store unique, complex passwords for all of your online accounts.
- Enable two-factor authentication on your WordPress website. This will add an extra layer of security by requiring you to enter a code from your phone in addition to your password when logging in.
- Keep your WordPress core, plugins, and themes up to date. Outdated software can contain security vulnerabilities that hackers can exploit.
- Use a security plugin such as Wordfence or Sucuri to scan your website for malware and vulnerabilities.