[wp-testers] Incorrect Username / Incorrect Password

WP Testers List wp-testing at mou.me.uk
Wed Apr 2 16:29:18 GMT 2008


I agree the value could be considered relatively small, but surely if it
adds any value whatsoever its a bonus?  Especially considering the
simplicity of the change.

I don't see the link between this suggestion and needing to change
usernames?  Sorry if I'm being thick.  Surely you're more likely to need to
change your username using the current system, because its more likely that
someone will be able to successfully guess your login?



On 02/04/2008, Austin Matzko <if.website at gmail.com> wrote:
>
> On Wed, Apr 2, 2008 at 11:14 AM, WP Testers List <wp-testing at mou.me.uk>
> wrote:
> >  Are there any plans to replace this double-error thing with a standard
> >  "username/password combination not recognised" or something equally
> >  generic?  Is there a ticket already completed?  I can't check myself
> because
> >  my companies over zealous firewall considers anything with "wordpress"
> in
> >  the url to be evil!  Yeah, I know, its bullsh*t...
>
>
> This has been discussed a number of times on the WP lists, and I think
> the consensus is that such "security by obscurity" is of little value,
> especially since almost all WP installs have an "admin" user. Any such
> solution would need to be combined with a way of changing one's user
> name.
> _______________________________________________
> wp-testers mailing list
> wp-testers at lists.automattic.com
> http://lists.automattic.com/mailman/listinfo/wp-testers
>


More information about the wp-testers mailing list