[wp-hackers] Securing Wordpress Login
Aaron Brazell
emmensetech at gmail.com
Tue Aug 22 17:56:26 GMT 2006
On 8/22/06, Robert Deaton <false.hopes at gmail.com> wrote:On 8/22/06, Dr
Deviant <deviant at dr-deviant.net> wrote:
> > Here's a thought - why not have some options in the core that allowed
> you to
> > configure strength etc along the lines of the major policies that get
> used
> > (history, character length, character content and repeatability etc) ??
> I
> > think someone mentioned a plug-in as well, but I have not seen any hooks
> > around the password entry areas.
>
> Plugins can do it, and they have. Read up in the list for the info on my
> plugin.
>
> > It would be so nice to redefine the login page and control that process
> a
> > little more. <sigh>
> >
> > Another issue is with the corporate entity. A lot of LARGE corporations
> > require strong passwords as part of their externalised business model,
> and
> > as such if the WP development team want the product to taken up by
> corporate
> > out of the box, then someone needs to make them feel a little more
> loved.
> > The easiest way here is to hook WordPress up to the corporate LDAP/AD
> > service where all of the strength is handled for you, the corporation
> then
> > has their warmer glowier feeling.
>
> There are LDAP plugins for WordPress available. I'm not sure as to the
> extent of the functionality, but they do exist.
Dropping in on this conversation, um, which LDAP plugins are there for
WordPress. I am VERY interested in this.
--
Aaron Brazell
Author & Blogger, http://technosailor.com
Systems Admin, http://b5media.com
Technology Channel Editor, http://b5media.com
"The internet is a series of tubes." -Sen. Ted Stevens
More information about the wp-hackers
mailing list