A simple captcha for the WordPress login form. To be able to login, the user is required to enter a random 3-digit number in a text field.
- No complicated features
- No settings
- No image generation
- No API
- No sessions
- No cookies
- No IP address detection
- No personal data collection
- No vulnerabilities in the programming code
Bots can also try to login with the XML-RPC feature of WordPress! Very rarely plugins also need this (like the Jetpack plugin). But if you don’t use it, I recommend that you disable it. You can use the super simple one-line plugin Disable XML-RPC.
This is a simple plugin designed to protect against random bots that try to login on your site. But if a person actually looks at the code of this plugin and specifically designs a new bot that targets this plugin, this bot would be able to bypass the protection.