Hacking WordPress? | WordPress.org

msummers
(@msummers)

11 years, 11 months ago

In creating a WordPress site, I’m careful about creating Users and passwords that should be hardened. Yet invariably, I’ll eventually see a brute force attacker begin using one of my User names, with a dictionary on the password. How is that possible that they have used a legitimate user name? Also, is the username case sensitive? Over the past month I have had nearly 2000 attempts to login using a correct user name, although the capitalization was not correct. I’m baffled as to how that could have happened. Any ideas?

Viewing 2 replies - 1 through 2 (of 2 total)

Moderator Ipstenu (Mika Epstein)
(@ipstenu)

🏳️‍🌈 Advisor and Activist

11 years, 11 months ago

Because if you view the page source of a post, you can see the author’s ID. That’s how they get it.

Thread Starter msummers
(@msummers)

11 years, 11 months ago

Oh, gosh. How silly of me! So would it make sense to create a different author name than used to login?

Thanks for the enlightenment.

Viewing 2 replies - 1 through 2 (of 2 total)

The topic ‘Hacking WordPress?’ is closed to new replies.

In: Everything else WordPress
2 replies
2 participants
Last reply from: msummers
Last activity: 11 years, 11 months ago
Status: not resolved

Topics

Topics with no replies

Non-support topics

Resolved topics

Unresolved topics

All topics