[wp-hackers] Possible security patch
kikizas at gmail.com
Mon Dec 7 14:32:55 UTC 2009
If the problem we discuss here is that exposed/known usernames make it
possible to guess or bruteforce passwords for those usernames,
wouldn’t be a solution to simply add to the core something like the
Limit Login Attempts plugins by Johan Eenfeldt?
If I understand the issue correctly, I think that a solution like this
would address it without adding any complexity to the UI (and without
unloading cognitive burden on the user).
More information about the wp-hackers