WordPress.org

Support

Support » Plugins and Hacks » [Resolved] This doesn't work against the current brute force attempts on the login page.

[Resolved] This doesn't work against the current brute force attempts on the login page.

Viewing 9 replies - 1 through 9 (of 9 total)
  • dreadedhamish
    Participant

    @dreadedhamish

    Actually this may work.
    I’ve moved on to another captcha and anytime a the captcha is incorrect it still logs as an incorrect login in Better WP Security. I had thought his would stop it even getting to the point of registering as an incorrect login.

    Plugin Author bestwebsoft
    Participant

    @bestwebsoft

    hello dreadedhamish,

    It is not clear, have you already found an answer or you still need our help?

    Kind regards,
    Support Team

    Martin
    Member

    @martinbreth

    Hello,

    I think what “dreadedhamish” meant was that the problem with your Captcha is that wp-login.php checks first if username and password match. If they do match, than Captcha result gets checked but the whole idea of using Captcha is to stop robots from doing anything in the first place.
    I think you guys should start working on “if captcha doesn’t match, ignore login request and if it does, than compare credentials against database”.
    I like your plugin but the current solution obviously doesn’t really work..
    Thanks,

    Martin

    Plugin Author bestwebsoft
    Participant

    @bestwebsoft

    Hello Martin,

    We will work on it.

    Thank you

    Kind regards,
    Support Team

    Hi there,

    I am wondering why this is “resolved”, when it is NOT… The same here in the duplicate bug report: http://wordpress.org/support/topic/captcha-is-inefficient-form-tries-to-login-first-then-checks-captcha-value?replies=4

    #crysman

    esmi
    Forum Moderator

    @esmi

    @crysman: This is not your topic. If you require assistance then, as per the Forum Welcome, please post your own topic.

    Maybe it is not “my topic”, but this bug also affect me, that is why I am involving in it…

    I believe it affects EVERYBODY, actually, that is why I consider it so important… (I would just edit my last post, but I believe it’s not possible here in WP forums unfortunately 🙁

    esmi
    Forum Moderator

    @esmi

    Please post your own topic.

Viewing 9 replies - 1 through 9 (of 9 total)
  • The topic ‘[Resolved] This doesn't work against the current brute force attempts on the login page.’ is closed to new replies.