This plugin implements challenge response authentication. In addition, the WordPress hasher is replaced by native PHP libraries.
| Author: | Yeora (profile at wordpress.org) |
| WordPress version required: | 5.7.0 |
| WordPress version tested: | 5.9.0 |
| Plugin version: | 1.0.0 |
| Added to WordPress repository: | 15-06-2021 |
| Last updated: | 23-01-2022
Warning! This plugin has not been updated in over 2 years. It may no longer be maintained or supported and may have compatibility issues when used with more recent versions of WordPress.
|
| Rating, %: | 0 |
| Rated by: | 0 |
| Plugin URI: | http://mb-challenge-response-authentication |
| Total downloads: | 407 |
 Click to start download |
|
The “MB Challenge response authentication” plugin extends the
default WordPress authentication with a challenge response authentication.
This ensures that passwords during login are no longer stored in the
clear text during the login process.
Via a menu item in the administration you can also set whether the challenge response authentication should be enforced or not. If challenge response authentication is not enforced
the default WordPress authentication is allowed as fallback.
This is the case if a user cannot hash on the client side.
Furthermore, the default WordPress hasher is overridden and PHP native functions like password_hash and password_verify are used.
Credits
Special thanks to the developers of the
bcrypt.js library https://github.com/dcodeIO/bcrypt.js.
The library is used for client-side hashing.
Screenshots
ChangeLog
