[wp-hackers] Possible security patch
Demetris
kikizas at gmail.com
Mon Dec 7 14:32:55 UTC 2009
If the problem we discuss here is that exposed/known usernames make it
possible to guess or bruteforce passwords for those usernames,
wouldn’t be a solution to simply add to the core something like the
Limit Login Attempts plugins by Johan Eenfeldt?
<http://wordpress.org/extend/plugins/limit-login-attempts/>
If I understand the issue correctly, I think that a solution like this
would address it without adding any complexity to the UI (and without
unloading cognitive burden on the user).
Demetris
http://op111.net/
More information about the wp-hackers
mailing list