WordPress.org

Support

Support » Plugins and Hacks » [Resolved] Is action on failed login safe?

[Resolved] Is action on failed login safe?

Viewing 3 replies - 1 through 3 (of 3 total)
  • Plugin Author Henrik Schack
    Participant

    @henrikschack

    Originally I didn’t reveal any information about what went wrong in case of a failed login. I was then contacted by a WordPress developer that informed that was not the WordPress way of doing things.
    Then I changed it to the current state.

    It’s kinda hard to make everyone happy 🙂

    Best regards
    Henrik Schack

    barthat
    Member

    @barthat

    Yes, given that WP have the failed login ‘shake’ they don’t seem to think this is a security issue which is baffling to me.

    Would it be difficult for you to make this as an option so they people can choose for themselves?

    Thanks.

    Plugin Author Henrik Schack
    Participant

    @henrikschack

    No it would not be that hard, but another side effect would be the amount of email I would get when people forget their password 🙁

    Best regards
    Henrik Schack

Viewing 3 replies - 1 through 3 (of 3 total)
  • The topic ‘[Resolved] Is action on failed login safe?’ is closed to new replies.