[wp-hackers] Possible security patch

Ozh ozh at planetozh.com
Mon Dec 7 08:57:42 UTC 2009


Mark Jaquith wrote:
> I think I have a better method of tackling this issue: We now prompt
> the user in the wp-admin when they are using the default install
> password or a reset password. What about if we do a similar prompt if
> "admin" is the only user on the blog, suggesting that they create a
> second user name and use THAT for posting?

What about simply asking the user about renaming 'admin' to something more 
personal?

Ozh


More information about the wp-hackers mailing list