Login Security Solution
[resolved] Excellent plugin (6 posts)

  1. cdrak0715
    Posted 3 years ago #

    Recently, I noticed lots attempts to access the admin of a WordPress site I run. Sad to say I was one of those people who never changed the default user from "admin". I both changed the user and added this plugin.

    I'm very pleased with the way this plugin handles the attempts. It's been interesting to see I do wish there were a way for me to see what passwords are being tried. A brute force attack was attempted over the weekend, but apparently, whoever was behind it was discouraged by the slowed response and has gone away. I'm sure the fool will be back at some point. I'll block the IP after that.

    Thanks for the hard work you put into this. Nice job!


  2. Daniel Convissor
    Plugin Author

    Posted 3 years ago #

    Hi: Thanks for the kind words! Storing the actual passwords would compromise the security of legitimate users, so we can't do that, sorry. --Dan

  3. cdrak0715
    Posted 3 years ago #

    I see what appears to be an encrypted password in the database. I've seen various attempts at users other than "admin" and I'm just curious as to what passwords are being tried. It's curiosity, nothing else. I fully understand about not compromising security and not satisfying my curiosity isn't a show stopper.

  4. Daniel Convissor
    Plugin Author

    Posted 3 years ago #

    Yeah. I'm sure there are some crazy passwords being tried and it'd be funny to see them. :)

  5. Dean Taylor
    Posted 3 years ago #

    Just to share a few I've been logging for "admin" seems it's not a real user:

    Passwords tried consist of:

    • Pretty much all of the passwords here: http://blog.wundercounter.com/2009/12/twitter-and-avoiding-weak-passwords.html
    • Every keyword on the homepage of each of the sites in a multi-site.
    • General dictionary searches (with and without numbers added to end / beginning).
    • Swear words / profanity (with and without numbers added to end / begining).
    • Many repetitive number/letter sequences like: 11223344, 1122334455, a1b2c3d4, qweqweqwe
    • And far more complex ones than these below
    • admin
    • john
    • jack
    • nick
    • superman
    • Superman
    • 0123456789
    • 123456789
    • 12345678
    • 1234567
    • 123456
    • 12345
    • 1234
    • 123
    • 12
    • 1
    • Administrator
    • Admin123456
    • Admin!
    • 1qaz2wsx
    • test123
    • q1w2e3r4
    • 12admin12
    • hackers
    • admin!@#
    • changeme
    • m123456
    • p@55w0rd
    • etc. etc.

    A large number of these use the user agent Mozilla/5.0 (compatible; bingbot/2.0; +http://www.bing.com/bingbot.htm).

  6. cdrak0715
    Posted 3 years ago #

    I noticed one "user" tried various combinations of names and words from the site as the user - and possibly the password as well. Interesting info. Thanks.

    The amount of attempts at getting into the admin on the site has dwindled to a trickle since I installed this plugin. I had to block one IP because it wouldn't quit and I didn't want to cause problems with the server. I'm certain if I hadn't blocked the IP, the attempts would still be going on.

Topic Closed

This topic has been closed to new replies.

About this Plugin

  • Login Security Solution
  • Frequently Asked Questions
  • Support Threads
  • Reviews

About this Topic


No tags yet.