Support » Plugin: Cerber Security & Antispam » Protect the username and password form inspect element at wordpress login

  • lalitavalon

    (@lalitavalon)


    Hi,
    I install this plugin in my website but there is a question related to security when i login in wordpress admin with username and password and inspect element in browser so in network tab it shows the username and password in clear text can we hide this username and password from that or encrypt it it wolud be very helpful if you secure this information

    I am waiting plz respond

Viewing 11 replies - 1 through 11 (of 11 total)
  • Plugin Author Gioni

    (@gioni)

    Hi!

    Obviously, you’ve installed and now you use another security plugin. Cerber doesn’t have a network tab and doesn’t record or show passwords at all.

    lalitavalon

    (@lalitavalon)

    Thanks for the reply.
    Can you tell me how and which plugin we have to install and how can we secure it.
    Please find the screenshot for the same that i am asking for:
    http://prntscr.com/gvhu85

    Plugin Author Gioni

    (@gioni)

    Just google wordpress security guide or something like that. There are a lot of blog post out there. Read some ideas on the Cerber’s website: http://wpcerber.com

    Everything is OK on your screenshot.

    lalitavalon

    (@lalitavalon)

    Hi,
    I google and search it with other words but all are sugessting for SSL . But even SSL instaaltion the username and password is still in plain text. Please help me how can hide or encypt it please please help me how can we do that.

    If you help me u will save my huge time, bz i did not find any solution. i search many of sites nd google it but every time i become dispoint, but u said we can encrypt please tell me how. it would be very helpful if u will help me

    Plugin Author Gioni

    (@gioni)

    You did not find a solution because the only and the right way is using SSL. It will encode all traffic including passwords.

    lalitavalon

    (@lalitavalon)

    but after installing the ssl it will not encode user name password it pass the and shows the username and password in plain text.
    If i talk about the wordpress,org it is ssl secured website but in that usrname and password shoes in the plain text in pre/post form data.
    I want to hide or encrypt that information also’please find the screen shot for the same.

    http://prntscr.com/gvkhax

    themememe

    (@themememe)

    @lalitavalon

    1) You’re not asking a question about WP-Cerber so this isn’t the right place for this question and should be reported to the mods.

    2) You asked this question a few days ago on another thread and Steve Stern gave you the answer already: https://wordpress.org/support/topic/password-parameter-on-wordpress-login-page/

    lalitavalon

    (@lalitavalon)

    Okay thanks for the reply.
    I just want to know by installing this plugin is my site secure with CSRF attack.And can i test it. and this plugin protect my website with this attack

    Plugin Author Gioni

    (@gioni)

    CSRF attacks are targeted to some vulnerability in a plugin, a theme or WordPress itself. A CSRF attack exploits that unfixed vulnerabilty to hack a website. Some security plugins can protect a website from some of well known CSRF attacks but they do not protect the website from all of them. So I can’t recommend a plugin to protect a website from CSRF attacks because it’s a false sense of security. The best way is to keep the software is up to date.

    lalitavalon

    (@lalitavalon)

    so, this plugin is not protect from the csrf attack??

    Plugin Author Gioni

    (@gioni)

    No.

Viewing 11 replies - 1 through 11 (of 11 total)
  • You must be logged in to reply to this topic.