[wp-hackers] Securing Wordpress Login

Brian Layman Brian at TheCodeCave.com
Wed Aug 23 03:47:53 GMT 2006

I prefer to not treat the user as if they are stupid, even if they are 
(and then it's their fault). Sure, a strength _indicator_ would be cool,

but forcing? I mean, what if I wanna do test/test on my local install?

The conversation early on was with regard to people able to write
articles and such. "The only people who login are people who write for
the sites."  So, there is some reason for requiring strength on accounts
that have a certain degree of power on your site.  I don't have a
problem requiring a minimal level of security be adhered to when people
are using/have-access-to my resources.  If I don't make certain that
safe procedures are followed, it is not their fault when something
happens to the site, it is mine.

More information about the wp-hackers mailing list