Does Authica support email verification?

Yes. Authica Pro includes email verification for new registrations so users must confirm their email before logging in.

Which CAPTCHA solutions does Authica support?

Authica supports Cloudflare Turnstile today. Additional bot protection options may be added over time.

Will Authica slow down my site?

No. Authica is optimized to load only on login-related pages and is built to stay lightweight and fast.

Why don’t I see country codes?

Country labels work best when your site is behind the Cloudflare proxy (orange cloud), which provides the CF-IPCountry header used by Authica.

features – Authica

Everything Authica Can Do

Authica gives you full control over the WordPress login experience.
Customize everything visually, secure it with enterprise-grade tools, and stay ahead of threats.

Get Authica Pro

SaaS-style dashboard
See your security stack like a control center clean cards, clear status, and fast actions. Shows what’s enabled, what’s off, and what needs attention at a glance. Highlights critical items first (lockouts, failed logins, misconfigurations).

From Minimal to Masterpiece
Authica adapts to your style, keep it clean and lightweight, or go all-in with a fully custom, creative login experience. Minimal presets for a modern, distraction-free look. Full design control when you want something unique. Works great for both simple business sites and high-design brands.

Features

Full Visual Customization

Style every part of the login page using WordPress Customizer with live preview: Branding, backgrounds, Google fonts & styling.

Turnstile & Edge security

Cloudflare-backed protection that blocks bots and restricts login access by location with local fallbacks for layered security.

AJAX Login & Registration

Provide a seamless, modern authentication experience without full page reloads.

Email Verification

Require email confirmation for new accounts to stop fake sign-ups and improve security.

Login Methods

Offer a smoother login experience with multiple secure sign-in options such as passkeys, magic links, social login, and classic passwords.

Custom Messages & Animations

Branded success/error messages with position and animation controls for a polished experience.

Hide / rename `wp-login.php`

Replace the default login URL with your own slug to reduce bot scans and password-spraying attacks.

Redirect Rules

Send users to the right place after login and logout, per-role and global rules with safe fallbacks.

IP Restriction

Allow or block login by IP, range or subnet. Unknown sources are stopped before the form loads.

Brute Force Protection

Limit repeated login attempts by IP and username, apply temporary lockouts after too many failures, and slow down password-guessing bots without getting in the way of legitimate users.

Two-factor authentication (TOTP)

Add a second step to login using time-based one-time codes (TOTP). Users confirm a code from an authenticator app after their password, stopping most stolen-password logins.

Logging, Reports & Alerts

Track who is trying to log in, from where, and what gets blocked. See login successes, failures, verification events, and bot protection activity, with optional email alerts for suspicious behavior.