Security Module

Login ID Type

Login ID Type Restriction controls whether users can log in with username, email, or both. By default WordPress accepts either, but some security policies require one method only. Restricting to email-only makes passwords harder to brute force since attackers must guess emails not usernames. Alternatively, username-only may suit internal systems where emails change but usernames stay constant. Choose what works for your security and user experience needs.

login security email username authentication

Login ID Type Part of 165+ modules $349 $249

Get Lifetime Access

Key Features

Email-only login
Username-only login
Both email and username
Better security control

Why Use This Module?

  • Control login authentication method
  • Email-only for better security
  • Username-only for stable identifiers
  • Reduce brute force attack surface
  • Match organizational policies

Real-World Use Cases

Username-Only Security

Restrict login to username only to prevent attackers from discovering valid accounts through email enumeration.

Email-Only Convenience

Allow email-only login for membership sites where users are more likely to remember their email than a username.

Corporate Directory Integration

Enforce username-only login to match corporate SSO systems or directory services that use specific username formats.

How to Use

Choose which login identifier types are allowed in module settings.

Benefits & Impact

Time Savings

Automates manual tasks and streamlines your workflow

Performance Boost

Enhances site security and protection

Better UX

Provides a better user experience

Easy Maintenance

Simple setup with minimal ongoing maintenance

Frequently Asked Questions

Is email-only login more secure?

Attackers often know usernames from author archives. Emails are less predictable, making brute force harder.

What if users try the wrong method?

They see an error message explaining which login method to use.

Does this affect registration?

No, registration works normally. This only affects how existing users log in.

What Users Are Saying

"Switched to email-only login. Attackers cannot try common usernames now."

— Security Conscious

"Email addresses change, usernames do not. Username-only works better for us."

— Corporate Site

"Members remember their email better than usernames. Email-only reduces support."

— Membership Site

Related Modules

SECURITY

Activity Log

Track and log user activities including logins, logouts, post modifications, plugin activations, theme changes, and settings updates for security auditing

activity log audit +2
Learn More →
SECURITY

Disable All Updates

Disable automatic WordPress, plugin, and theme updates completely for production sites where manual update control is required for stability

updates disable maintenance +2
Learn More →
SECURITY

Disable Application Passwords

Disable WordPress application passwords feature to prevent REST API authentication and improve security by removing this authentication method

passwords security disable +2
Learn More →
WPSwitchboard

165+ Modules.
One Plugin. Done.

Security, admin tools, performance, SEO, and more. All in one place.

Get Lifetime Access - $349 $249
Core Modules
165+
Admin Tools, Security, Optimization, and more
Enhance your WordPress admin experience
Admin Tools
Dashboard Enhancements
Customize admin interface
Security & Performance
Optimization Modules
Secure & optimize your site