Changes the login error messages revealing the existence of a user name to a more secure version.
Author: | Lutz Schröer (profile at wordpress.org) |
WordPress version required: | 3.0 |
WordPress version tested: | 3.2.1 |
Plugin version: | 1.0 |
Added to WordPress repository: | 07-06-2011 |
Last updated: | 07-06-2011
Warning! This plugin has not been updated in over 2 years. It may no longer be maintained or supported and may have compatibility issues when used with more recent versions of WordPress.
|
Rating, %: | 100 |
Rated by: | 1 |
Plugin URI: | http://x.elektroelch.net/ulem/ |
Total downloads: | 2 235 |
Active installs: | 200+ |
Click to start download |
If you log-in to your WordPress backend and enter the right username but a false password WordPress shows the error message "ERROR: The password you entered for the username admin is incorrect. Lost your password?" revealing that the username "admin" is registered and a possible attacker can check passwords with this username to gain access to the installation. This plugin changes the error messages to "ERROR: Invalid user/password combination." if you enter a non-registered username and/or a false password and makes it more difficult for an attacker to decypher your blog's passwords.
Screenshots
ChangeLog