[wp-hackers] Unsolicited password resets

Otto otto at ottodestruct.com
Tue Dec 3 17:33:36 UTC 2013

Do you have a username that some user is likely to think is their own?

You'd be surprised at the number of people trying to log into WordPress.org
using their usernames/passwords from their own websites. Then getting
confused as to why they never get the reset email...


On Tue, Dec 3, 2013 at 11:25 AM, David Anderson <david at wordshell.net> wrote:

> Hi,
> Just wondering.... has anyone else received an unsolicited 'password
> reset' email from wordpress.org today?
> I received one, and wondered if it's part of a pattern. Obviously a
> wordpress.org login is quite powerful if it control SVN access to a
> top-100 plugin installed on 50,000 sites, and there are presumably bad guys
> who try to crack them.
> David
> --
> WordShell - WordPress fast from the CLI - www.wordshell.net
> _______________________________________________
> wp-hackers mailing list
> wp-hackers at lists.automattic.com
> http://lists.automattic.com/mailman/listinfo/wp-hackers

More information about the wp-hackers mailing list