[wp-hackers] WordPress can "leak" if a username is valid

howard chen howachen at gmail.com
Tue Feb 19 04:43:26 GMT 2008

On Tue, Feb 19, 2008 at 4:36 AM, Alex Hempton-Smith
<hempsworth at googlemail.com> wrote:
> Sorry if this has already been discussed before, but I was just looking
>  through the open tickets and saw this one:
>  http://trac.wordpress.org/ticket/5301
>  It was suggested in one of the closed duplicate tickets that this issue be
>  discussed on wp-hackers to find out the general consensus.
>  I'd personally like to see this go into the core, what do you guys think?
>  Alex
>  _______________________________________________


Take a look at Yahoo email registration and see how they protect "user
name guessing" thru their AJAX API.


More information about the wp-hackers mailing list