Last updated December 5th, 2023 22:52
The WordPress administration allows users to log in using two options: either by entering the user login or their email. Using either option along with the correct password allows users to log in to the system. As your email is often readily available on the website, you can enhance WordPress security by disabling this login option. Users will then need to log in using only their non-public username. In this article, we’ll demonstrate how to disable logging into WordPress using email. It’s another small piece in improving your website’s security. While it may seem like a detail, it’s these details that ultimately make up the whole.
How to disable logging into WordPress using email with a snippet
To implement this functionality into your website, you’ll need two things: PHP code and a plugin to insert this code into your website. I use the WPCode plugin for inserting code into the website, which, in my opinion, is the best choice. It’s also very intuitive for beginners. You can install the plugin through the WordPress administration. In the left menu, click on ‘Plugins’ and then on ‘Add New.’ In the search field, type ‘WPCode‘. Install and then activate the plugin.
If you’re interested in a complete guide on how to work with this plugin, please take a look at this article: How to insert custom codes into WordPress. In the article, you’ll find all the necessary information.
Snippet to Disable Logging into WordPress via Email
Using the aforementioned WPCode plugin, insert the following PHP code into your website. Please note, when adding the snippet, remember to change the language from default HTML to PHP.
remove_filter( 'authenticate', 'wp_authenticate_email_password', 20 );
Once you’ve inserted the code into the plugin, save the snippet and don’t forget to activate it. An inactive snippet won’t work. Once you log out, you can immediately test the PHP snippet’s function.
Conclusion
Regarding security, this isn’t a major step, of course. However, it’s one of the small details that ultimately make it more difficult for attackers to damage your website. And if you have more and more of these little pieces on your website, eventually, attackers tend to decide to find another website where manipulating the administration isn’t as complex.
The website is created with care for the included information. I strive to provide high-quality and useful content that helps or inspires others. If you are satisfied with my work and would like to support me, you can do so through simple options.
Subscribe to the Newsletter
Stay informed! Join our newsletter subscription and be the first to receive the latest information directly to your email inbox. Follow updates, exclusive events, and inspiring content, all delivered straight to your email.
