WordPress accounts for about one quarter of all Web sites on the planet, which means the popular content management system routinely gets attacked.
Now, a Seattle startup by the name of Wordfence is looking to help WordPress administrators prevent those attacks, and make sure passwords are up to snuff.
The company — whose security plug-in has been downloaded more than 5.2 million times — today is announcing a new tool that allows WordPress publishers and admins to verify the strength of user passwords. To do this, Wordfence uses what is known as a “cracking cluster” of supercomputers to assess password strength.
If the password strength appears suspect, the tool offers features to improve site security.
“Hackers today have access to a tremendous amount of processing power in the form of off-the-shelf computing hardware from vendors like Nvidia and AMD. This hardware excels at parallel data processing and reduces the time needed to crack a password by orders of magnitude,” said Wordfence co-founder Mark Maunder. “To help ensure our customers and the WordPress community are using the strongest passwords possible, we’ve created our own powerful cracking cluster with more than 40 Teraflops of processing power so users can quickly evaluate existing password strength and more effectively secure their sites.”
Maunder actually came up with the idea for Wordfence after his own personal Web site was hacked in 2011. He fixed the issue, donated the code back to a project to prevent similar exploits and then started Wordfence. Now, he said the company’s technology prevents on average 23 million attacks per day on WordPress. Maunder previously worked as a developer at Jobster, eToys and the BBC.
The new password tool comes embedded in the premium version of Wordfence, which costs $39 per year.