Force Strong Encryption

Force Strong Encryption

What It Does

WordPress stores passwords using encryption algorithms. Older encryption methods like bcrypt are less secure than modern alternatives like Argon2ID or Argon2I. This module automatically detects and uses the strongest encryption algorithm available on your server, ensuring passwords are stored with the highest level of security.

The module also sets an optimal "cost" value for password hashing, which determines how computationally expensive it is to hash passwords. Higher cost values make it much harder for attackers to crack passwords through brute-force attacks, even if they gain access to your database.

When you activate this module, it automatically detects the best encryption system available on your server and configures WordPress to use it. All new passwords will be encrypted using this stronger method, and existing passwords will be re-encrypted when users log in.

Why It Matters

Login attacks are one of the most common ways attackers try to gain access to WordPress websites.

By strengthening your login security, you significantly reduce the risk of unauthorized access to your website.

How to Use

Activate this module in the Users & Login section of SecuPress settings.

Once activated, the module works automatically and provides protection for your website.

If you encounter any issues after activation, you can temporarily deactivate the module. The module will automatically remove its protection rules when deactivated.