GuardianKey logo Painless Cybersecurity!

GuardianKey for WordPress

Painless authentication protection for your site.
Free native plugin for WordPress.
Easy deployment, just install and use!

How the plugin works

The GuardianKey plugin for WordPress sends events to the GuardianKey engine on each login attempt.

GuardianKey returns a risk level and a suggested action (ACCEPT, NOTIFY, HARD-NOTIFY, or BLOCK).

The plugin can notify your users about accesses in their accounts. Also, high-risk attempts can be blocked.

Notified users can tell if the attempts were legitimate or not. In the affirmative case, GuardianKey learns for future analysis, otherwise, your security team can be notified.

Protect against attacks

Brute force

Innovative brute force detection method.

Account takeover

Contextual and behavioral data are used to identify users.

Automated attacks

Threat intelligence, contextual and behavioral data are used.


Anonymization proxies are listed in the threat intel database.

Credential stuffing

Block authentication attempts even if the password matches.

Password guessing

Approach to detect and block password guessing.

Plugin deployment

The plugin is available in the official WordPress repository. It is simple and easy. Just follow the steps below.

  • In your WordPress administration, go to Plugins -> Add New.

  • Search for GuardianKey.

  • Install and Activate the plugin.

  • You will be automatically registered in the cloud services.

  • You should receive an e-mail with credentials for the GuardianKey's Administration Panel.

  • You may want to enable the user notification (disabled by default), in Tools->GuardianKey.

Using the plugin


  • By default, the plugin automatically register an user for you in the GuardianKey Auth Security Lite for CMS. You can change it in the plugin's configuration, in the WordPress administration console.

  • You will receive an e-mail with credentials to view the events in the GuardianKey's Administration Panel. Check it out!

  • If you have more than one WordPress installation, you can also use GuardianKey. Just create an auth group for each site and configure correctly the plugins.