How to Remove Login Hints from the WordPress Login Page

How to Remove Login Hints from the WordPress Login Page

Most of the people ignore the login page of their WordPress websites, which may result in the brute force attack. If you monitor your website using a security plugin, you can realize how many brute force attack attempts take place every year.

By default, WordPress tries to give some hint to recover the password and the username, and many people don’t bother it that much.

But if you ask an advanced WordPress user, it’s an enormous deal; the website can be hacked by guessing the email address or the username.

You should understand the concept of the login hints and how to hide them. In this tutorial, you’re going to learn everything, which can help you secure your website.

I know when my friend was trying to log in, and luckily guessed the username because of the hints were given by WordPress, it doesn’t happen often, but you should take every possible step to harden your website’s security.

How do You See these Login Hints

Whenever you type a wrong username of the email, WordPress displays a message that your username is invalid.

ERROR: Invalid Username. Lost Your Password?

How to Remove Login Hints from the WordPress Login Page

This is the actual error you see.

But when you type the wrong password, you see a different error message.

ERROR: The password you have entered for the username themedemo is incorrect. Lost Your Password?

How to Remove Login Hints from the WordPress Login Page

Do you realize what does an error message reflect? It means your username is correct, but the password is wrong, which gives a hint, that you have guessed the correct username.

I know it’s a hit and trial method, but it’s possible that a hacker can guess the username or the email address in a few trials.

That’s why it’s always recommended to use a potent combination of username and password. Many WordPress users neglect such a bit of advice and face the fatal.

How Can You Disable or Edit a Login Error

You should be joyful; you can edit or completely remove a login error message using the functions.php file. You need to create a function, which can target the default WordPress login error message codex.

I hope you know; you can find the functions.php file from your WordPress admin panel by navigating to Appearance>>Editor and Theme Function(functions.php) from the vertical navigation bar.

But many WordPress experts or even the web hosting companies disable file editing from the admin panel, so you should always follow the cPanel method.

Follow the steps.

Step 1

Open the file manager from cPanel and find the public_html directory

, where all of your website’s data is available.

How to Remove Login Hints from the WordPress Login Page

Step 2

As you know, plugins, themes, and media files of a WordPress site are present in the wp-content folder, open it and look for themes folder.

How to Remove Login Hints from the WordPress Login Page

Step 3

You can see all the inactive or active theme currently downloaded on your website.

Open the theme folder you want to edit.

How to Remove Login Hints from the WordPress Login Page

Of course, you want to edit your presently using WordPress theme, search for the functions.php file, right-click to edit.

Step 4

You can see tons of coding lines on a new page. You don’t need to fret.

All you need to do is copy and paste the code at the bottom of the functions.php file.
functionnew_wordpress_errors(){
return'Wrong Login Details.';
}
add_filter( 'login_errors', 'new_wordpress_errors' );

Now, if you try to log in, you get “Wrong Login Details.” as an error message, you can edit this message and display anything you wish.

How to Remove Login Hints from the WordPress Login Page

You can quickly notice that the second line of the above-written code is returning the value of a login error message.

Congrats, you have successfully added one more security layer to your WordPress website.

I Hope You Can Easily Locate the functions.php File

Before you make any changes, it’s essential to back up your website and its database. Sometimes, when you paste the code, you can unknowingly break the website.

If you don’t want to back up the whole website, you should at least back up the WordPress theme you use.

Even though you edit the login hints, you should always use a plugin to limit the login attempts so that no one can hint and try more than a few times, setting the login attempts to three is effective.

Conclusion

Numbers of websites get hacked every year, and it’s vital to take the initiative to spread the word about security awareness.

For a newbie, security of a site may not be a concern, but once they put some time into the design and the content, it’s essential to take a few steps further.

Add the code as mentioned earlier and secure your login page.

Check out these top 3 WordPress hosting services:

A2 Hosting
£1.49 /mo
Starting price
Visit A2 Hosting
Rating based on expert review
  • User Friendly
    4.5
  • Support
    4.0
  • Features
    4.5
  • Reliability
    4.8
  • Pricing
    4.0
IONOS
£0.76 /mo
Starting price
Visit IONOS
Rating based on expert review
  • User Friendly
    4.5
  • Support
    4.0
  • Features
    4.5
  • Reliability
    4.5
  • Pricing
    4.3
Webdock
£0.80 /mo
Starting price
Visit Webdock
Rating based on expert review
  • User Friendly
    3.8
  • Support
    4.5
  • Features
    4.5
  • Reliability
    4.3
  • Pricing
    4.3

How to Set Up HTTP 301 Redirection using Plesk.

This article shows you how to set up HTTP 301 redirection using Plesk.
less than a minute
Idan Cohen
Idan Cohen
Marketing Expert

How to Secure the .htaccess File from Unauthorized Access

This guide will help you add one more security layer to your website by protecti
less than a minute
Idan Cohen
Idan Cohen
Marketing Expert

How to Disable PHP Execution to Improve Website's Security Using cPanel

This how-to guide will explain about restricting others from executing any malic
less than a minute
Max Ostryzhko
Max Ostryzhko
Senior Web Developer, HostAdvice CTO

How to Stop Image Hotlinking Using cPanel

This how-to guide explains the easiest way to prevent image hotlinking using cPa
less than a minute
Angela Olaru
Angela Olaru
Senior Writer & Hosting Expert
HostAdvice.com provides professional web hosting reviews fully independent of any other entity. Our reviews are unbiased, honest, and apply the same evaluation standards to all those reviewed. While monetary compensation is received from a few of the companies listed on this site, compensation of services and products have no influence on the direction or conclusions of our reviews. Nor does the compensation influence our rankings for certain host companies. This compensation covers account purchasing costs, testing costs and royalties paid to reviewers.
Click to go to the top of the page
Go To Top