Bug: Fixed "headers already sent" warning when starting sessions.
Enhancement: Added messages to the login window to indicate whether Semisecure Login is enabled and functional.
Enhancement: Forced expiration of the login nonce after its one potential use. Previously, this could stick around and thus would be vulnerable to a replay attack if a session was hijacked.
Requires: 2.5 and the MD5 Password Hashes plugin (http://wordpress.org/extend/plugins/md5-password-hashes/) or higher Compatible up to: 2.5 (not compatible with earlier versions) Last Updated: 2008-5-1 Downloads: 973