While going for enhancing authentication of your login page, the first advice is to revise and edit the core files. Overwrite those files while updating Wordpress.
Another thing is, update the Wordpress version in a timely manner as WP security updates often come.
Other than this, I want to recommend to go for "hooks" which is the best way to edit. Go for Login_form action hook and use the authenticate filter to verify your user.