[wp-hackers] Securing Wordpress Login
false.hopes at gmail.com
Tue Aug 22 17:53:22 GMT 2006
On 8/22/06, Dr Deviant <deviant at dr-deviant.net> wrote:
> Here's a thought - why not have some options in the core that allowed you to
> configure strength etc along the lines of the major policies that get used
> (history, character length, character content and repeatability etc) ?? I
> think someone mentioned a plug-in as well, but I have not seen any hooks
> around the password entry areas.
Plugins can do it, and they have. Read up in the list for the info on my plugin.
> It would be so nice to redefine the login page and control that process a
> little more. <sigh>
> Another issue is with the corporate entity. A lot of LARGE corporations
> require strong passwords as part of their externalised business model, and
> as such if the WP development team want the product to taken up by corporate
> out of the box, then someone needs to make them feel a little more loved.
> The easiest way here is to hook WordPress up to the corporate LDAP/AD
> service where all of the strength is handled for you, the corporation then
> has their warmer glowier feeling.
There are LDAP plugins for WordPress available. I'm not sure as to the
extent of the functionality, but they do exist.
More information about the wp-hackers