[wp-hackers] Possible security patch

Dre Feeds feeds at armeda.com
Mon Dec 7 17:22:27 UTC 2009




> Mark Jaquith wrote:
>> I think I have a better method of tackling this issue: We now prompt
>> the user in the wp-admin when they are using the default install
>> password or a reset password. What about if we do a similar prompt if
>> "admin" is the only user on the blog, suggesting that they create a
>> second user name and use THAT for posting?
>
> What about simply asking the user about renaming 'admin' to  
> something more
> personal?
>
> Ozh

What about a second built-in account specifically built for posting  
and simply asking the user to rename this account. I think we separate  
them all together so there is no confusion.

Dre Armeda


More information about the wp-hackers mailing list