Support » Plugin: Wordfence Security - Firewall & Malware Scan » Locked after 2 entry attempts

  • Resolved goldatlas

    (@goldatlas)


    HI
    1. Although an account lock is set after 10 attempts, after one attempt a customer is locked in trying to recover a password.
    2. A customer who accidentally writes the username in Hebrew is locked in on the first try
    I can not fined a way to privent it?
    Please look the picture: https://1drv.ms/u/s!AlJM7dNlHfVYoORM1cMk8a-hTUJQ0A?e=GpHHmV
    Please help

    The page I need help with: [log in to see the link]

Viewing 7 replies - 1 through 7 (of 7 total)
  • delbono72

    (@delbono72)

    This happened to me as well today. In my case the usernames were not written in hebrew.
    Standard Latin without any accent. Normal users and also one administrator.
    I tried myself and It happened even with a saved password. After disabling wordfence, I could login with the exact same account.
    For the moment I am disabling the anti-brute force tool.

    • This reply was modified 2 years ago by delbono72.
    Thread Starter goldatlas

    (@goldatlas)

    It feels like the setting does not work with the Lock out after how many login failures And Lock out after how many forgot password attempts.

    Beside of this, An attempt to recover a customer’s password locks the customer’s account for the set time.

    The problem has been around for several months and we did not address it until we received more and more customer complaints
    Thanks

    Plugin Support wfpeter

    (@wfpeter)

    Hi @goldatlas,

    The screenshot looks to me as if you have the option Immediately lock out invalid usernames selected in Wordfence > All Options > Brute Force Protection. As you speak of the user “accidentally” writing the username in Hebrew it would suggest that Wordfence would see this as an invalid username and act upon this instead of the 10 attempts setting.

    Thanks,

    Peter.

    Thread Starter goldatlas

    (@goldatlas)

    HI
    1. Maby you righit, So I will cancel the Immediately lock out invalid usernames and keep the “Lock out after how many login failures” + “Lock out after how many forgot password attempts” for 10 times and I hope It will solve problem one.

    2. I think the user “accidentally” writing the username in Hebrew, I think It is mistake decision, Because the protection plugin still have to allow 10 login failures attempts and no matter what language it is written in, do not you think that?
    Thanks

    delbono72

    (@delbono72)

    This was not the case for me “Immediately lock out invalid usernames” is unchecked

    Plugin Support wfpeter

    (@wfpeter)

    Hi @delbono72,

    As per the forum guidelines, please can you create your own ticket detailing the issue you’re experiencing and any steps that you have taken to attempt a fix so far?

    Like with this case, when there are two separate issues, with our resolution for @goldatlas not working for you, it helps us focus down on the issue you’re having, provide better support, and serve as a good reference for others on the forums having the same problem in future.

    Thanks,

    Peter.

    Thread Starter goldatlas

    (@goldatlas)

    HI
    Yes, I will do it.
    Thank you

Viewing 7 replies - 1 through 7 (of 7 total)
  • The topic ‘Locked after 2 entry attempts’ is closed to new replies.