Solid Security Pro Feature Spotlight – User Security

Solid Security Pro's User Security area provides simple tools to audit the strength of your users' security.

Dan Knauss

In the Feature Spotlight posts, we will highlight a feature in the Solid Security Pro plugin and share a bit about why we developed the feature, who the feature is for, and how to use the feature.

Today, we will cover the features in Solid Security Pro’s User Security section. The User Security area provides many simple ways to audit the security of the site’s registered users.

Why Does User Security Matter?

The Solid Security Pro plugin has a ton of tools that you can use to increase the WordPress user security on your website. The Two-Factor Authentication and Password Requirements features protect your WordPress users from most automated password-guessing attacks.

However, these two user security tools are only effective if the users on your website are using them. A single administrator with a weak password could undermine all the other security measures you have implemented.

The Solid Security Pro User Security screen allows you to quickly audit and modify five critical aspects of user security:

  1. Role
  2. Password Age
  3. Password Strength
  4. Last Seen
  5. Two-Factor Authentication (2FA) Status

How to Use the User Security Tools in Solid Security Pro.

The User Security screen in Solid Security Pro allows you to audit and take actions on five aspects of user account security for each user and user role group on your website.

Review password strength, age, and 2FA usage for any user role or group.

Role

The “Role” column in the User Security table allows you to view and change the role group a user is assigned to.

Follow the Principle of Least Privilege: A simple and powerful way to protect your website is to give your users only the capabilities they need — nothing more. If you see that a user has Administrator capabilities but all they do is write blog posts, give them the correct user role of Author.

Last Seen

The “Last Seen” section of the User Security screen shows the last time a user was logged into the website.

If the Last Active time for a user is Unknown, that means they haven’t logged in since the Solid Security plugin was installed and activated.

Remove Inactive Users: If an Administrator hasn’t been active for a long time, remove them. Every user on your website, especially Administrators, creates an entry point that could be exploited. The more users a site has, the bigger its “attack surface” gets. A bigger target is usually easier to hit, so the theoretical security risk increases as users are added.

Password Strength

The Password Strength column indicates how strong each user’s password is, from Very Weak to Very Strong.

If the password strength of a user is Unknown, that means the user hasn’t logged in since the Solid Security Pro plugin was enabled.

What is a “strong password?” Find out in “How Secure is My Password? Six Ways to Strengthen Your Password Security.”

Password Age

The Password Age column indicates how long each user’s current password has been in effect.

Two-Factor Authentication (2FA)

The 2FA column of the User Security screen lets you see which users have enabled two-factor authentication and whether they still need to configure it.

If a user has enabled and configured at least one form of two-factor authentication, a green “Enabled” notice will appear in the 2FA column. If no 2FA methods are enabled, you will see a red “Disabled” notice instead.

Quick User Security Actions You Can Take.

Click the “Edit User” button or “Edit Multiple Users” link to take quick actions like sending reminders to configure two-factor authentication or forcing users to reset their passwords.

Quickly take action on individual or multiple users by clicking the “Edit User” button or “Edit Multiple Users.”

How to Manage User Security From Your WordPress Security Dashboard.

The Solid Security WordPress Security Dashboard is a dynamic dashboard with all your WordPress site’s security activity data and information in one place.

Two security cards let you manage user-level security from your security dashboard: the User Security Profiles card and the individual User Security Profile card.

User Security Profiles Card (Many Users)

See a list of every user on the site. Click on any user to see how secure their account is.

User Security Profile Card (One User)

Pin a single user’s profile to your dashboard and see their user role, password strength and age, whether or not they have two-factor authentication enabled, and when they were last on the site.

Wrapping Up: Make User Security a Priority Today!

Hackers have better tools today, and the bar for security has been raised for everyone. WordPress security starts with user security. With Solid Security Pro, in less than a minute, you can audit the security of every user on your website.

Solid Security is part of Solid Suite — The best foundation for WordPress websites.

Every WordPress site needs security, backups, and management tools. That’s Solid Suite — an integrated bundle of three plugins: Solid Security, Solid Backups, and Solid Central. You also get access to Solid Academy’s learning resources for WordPress professionals. Build your next WordPress website on a solid foundation with Solid Suite!
