[wp-hackers] Possible security patch

Demetris kikizas at gmail.com
Mon Dec 7 14:32:55 UTC 2009


If the problem we discuss here is that exposed/known usernames make it
possible to guess or bruteforce passwords for those usernames,
wouldn’t be a solution to simply add to the core something like the
Limit Login Attempts plugins by Johan Eenfeldt?

<http://wordpress.org/extend/plugins/limit-login-attempts/>

If I understand the issue correctly, I think that a solution like this
would address it without adding any complexity to the UI (and without
unloading cognitive burden on the user).

Demetris
http://op111.net/


More information about the wp-hackers mailing list