Support » Plugin: Login Security Solution » Excellent plugin

  • Resolved cdrak0715

    (@cdrak0715)


    Recently, I noticed lots of attempts to access the admin of a WordPress site I run. Sad to say I was one of those people who never changed the default user from “admin”. I both changed the user and added this plugin.

    I’m very pleased with the way this plugin handles the attempts. It’s been interesting to see. I do wish there were a way for me to see what passwords are being tried. A brute force attack was attempted over the weekend, but apparently, whoever was behind it was discouraged by the slowed response and has gone away. I’m sure the fool will be back at some point. I’ll block the IP after that.

    Thanks for the hard work you put into this. Nice job!

    http://wordpress.org/extend/plugins/login-security-solution/

Viewing 5 replies - 1 through 5 (of 5 total)
  • Plugin Author Daniel Convissor

    (@convissor)

    Hi: Thanks for the kind words! Storing the actual passwords would compromise the security of legitimate users, so we can’t do that, sorry. –Dan

    I see what appears to be an encrypted password in the database. I’ve seen various attempts at users other than “admin” and I’m just curious as to what passwords are being tried. It’s curiosity, nothing else. I fully understand about not compromising security and not satisfying my curiosity isn’t a show stopper.

    Plugin Author Daniel Convissor

    (@convissor)

    Yeah. I’m sure there are some crazy passwords being tried and it’d be funny to see them. 🙂

    Just to share a few I’ve been logging for “admin” seems it’s not a real user:

    Passwords tried consist of:

    • Pretty much all of the passwords here: http://blog.wundercounter.com/2009/12/twitter-and-avoiding-weak-passwords.html
    • Every keyword on the homepage of each of the sites in a multi-site.
    • General dictionary searches (with and without numbers added to end / beginning).
    • Swear words / profanity (with and without numbers added to end / beginning).
    • Many repetitive number/letter sequences like: 11223344, 1122334455, a1b2c3d4, qweqweqwe
    • And far more complex ones than these below
    • admin
    • john
    • jack
    • nick
    • superman
    • Superman
    • 0123456789
    • 123456789
    • 12345678
    • 1234567
    • 123456
    • 12345
    • 1234
    • 123
    • 12
    • 1
    • ADMINISTRATOR
    • Administrator
    • Admin123456
    • Admin!
    • 1qaz2wsx
    • test123
    • q1w2e3r4
    • 12admin12
    • hackers
    • admin!@#
    • changeme
    • m123456
    • p@55w0rd
    • etc. etc.

    A large number of these use the user agent Mozilla/5.0 (compatible; bingbot/2.0; +http://www.bing.com/bingbot.htm).
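The guess categories listed in the post above can be turned into a check that rejects such passwords when a user sets one. The following is an added example, not part of the thread and not the plugin's own code; `weakness`, `is_run`, `COMMON`, `RUNS` and the sample word list are hypothetical names and constructed data.

```python
import re

# Constructed sample word list (an assumption); a real deployment would load a
# much larger dictionary plus words taken from the site's own home page.
COMMON = {"password", "superman", "changeme", "hackers", "admin",
          "administrator", "test"}
RUNS = ["abcdefghijklmnopqrstuvwxyz", "01234567890", "qwertyuiop",
        "asdfghjkl", "zxcvbnm", "1qaz2wsx3edc"]
LEET = str.maketrans("@4301!5$7", "aaeoiisst")  # undo common substitutions


def is_run(s):
    """True if s (3+ chars) is a slice of an alphabet, digit or keyboard run."""
    return len(s) >= 3 and any(s in run for run in RUNS)


def weakness(password, username="", site_keywords=()):
    """Return the guessed category a password falls into, or None."""
    pw = password.lower()
    # Drop digits and symbols added to the beginning or end of a word.
    core = re.sub(r"^[\W\d_]+|[\W\d_]+$", "", pw)
    words = COMMON | {k.lower() for k in site_keywords}
    if username:
        words.add(username.lower())
    if pw.isdigit():
        return "digits only"
    if core in words or core.translate(LEET) in words:
        return "dictionary, username or site word"
    if re.fullmatch(r"(.{1,4})\1+", pw):
        return "repeated chunk"
    # Whole string is a run, or two runs interleaved (a1b2c3d4, q1w2e3r4).
    if is_run(pw) or (is_run(pw[0::2]) and is_run(pw[1::2])):
        return "keyboard or alphabet sequence"
    if len(core) < 4:
        return "too few letters"
    return None
```

A password is accepted only when `weakness()` returns `None`; passing the site's home page keywords and the account name covers the site-specific guesses the post describes.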

    I noticed one “user” tried various combinations of names and words from the site as the user – and possibly the password as well. Interesting info. Thanks.

    The amount of attempts at getting into the admin on the site has dwindled to a trickle since I installed this plugin. I had to block one IP because it wouldn’t quit and I didn’t want to cause problems with the server. I’m certain if I hadn’t blocked the IP, the attempts would still be going on.

  • The topic ‘Excellent plugin’ is closed to new replies.