As part of our ongoing effort to enhance platform security and protect customer accounts, we’ve introduced a new account lockout system in the MyKinsta dashboard. This follows our recent move to require two-factor authentication (2FA) for all logins.
Now, if someone enters the wrong password too many times, MyKinsta temporarily locks the account and notifies the user by email.
This adds an extra layer of protection against brute-force attacks, where bad actors try to guess passwords using bots or automated scripts.
How account lockout works in MyKinsta
If someone attempts to log in to your MyKinsta account and repeatedly fails to enter the correct password, the system automatically locks the account.
When that happens, you receive an email with a Temporary Login to MyKinsta button that contains a secure login link.
Clicking the button will allow you to access your account during the lockout period, as long as you provide the correct credentials and 2FA.
Why this matters
Login credentials are a common target for attackers, especially when reused across services or leaked in data breaches. Lockout systems make brute-force attacks less practical by slowing them down and alerting legitimate users.
The new feature works silently in the background, only showing up when needed, and helps ensure your MyKinsta access stays in the right hands.
Security is built-in at Kinsta
Security is built into every part of the Kinsta platform. From ISO 27001 certification and SOC 2 compliance to built-in firewalling, DDoS protection, and wildcard SSL, we’re committed to keeping customer data safe.
These account-level safeguards, including our new lockout system and mandatory 2FA, reflect our commitment to protecting your data and projects.
Want to learn more? Visit our Trust Center to explore how we approach security at every level.