Title: Weak password, general message? Last modified: August 22, 2016 --- # Weak password, general message? * Resolved [Willem-Siebe](https://wordpress.org/support/users/siebje/) * (@siebje) * [11 years, 6 months ago](https://wordpress.org/support/topic/weak-password-general-message/) * Hi, * QS1: * When activating your plugin I get: * > You have not asked your users to change their passwords since the plugin was > activated. Most users have weak passwords. This plugin’s password policies > protect your site from brute force attacks. Please improve security for everyone > on the Internet by making all users pick new, strong, passwords. * Is this just a general message, or does your plugin really know that my users have weak passwords? I can’t see the passwords they use, so I’m asking… because how can your plugin then decide it are weak passwords? * QS2: * I let my customer register themselves with Formidable Registration plugin. This plugin generates a password itself, which I figured out is not ‘strong’ enough considering your plugin. * Do you offer other plugin developers a tool/API or something like that so they can confirm to your ‘password strenght guidelines’? * Kind regards, * Willem * [https://wordpress.org/plugins/login-security-solution/](https://wordpress.org/plugins/login-security-solution/) Viewing 3 replies - 1 through 3 (of 3 total) * Thread Starter [Willem-Siebe](https://wordpress.org/support/users/siebje/) * (@siebje) * [11 years, 6 months ago](https://wordpress.org/support/topic/weak-password-general-message/#post-5517646) * Hi, * QS3 * I don’t understand the difference between these options: * Should multiple failure notifications be sent to the administrators? No, just notify them the first time that x matching login failures happen. Yes, notify them upon every x matching login failures. * Plugin Author [Daniel Convissor](https://wordpress.org/support/users/convissor/) * (@convissor) * [11 years, 5 months ago](https://wordpress.org/support/topic/weak-password-general-message/#post-5518059) * 1) It’s a general message. * 2) Hmm. Guess I could add a hook that runs the login_security_solution::validate_pw() method or see if WP already has one. * 3) If your failure level is set to 50, the “No” option notifies you at 50 failures and that’s it while the “Yes” option notifies you at 50, 100, 150, etc. * Thread Starter [Willem-Siebe](https://wordpress.org/support/users/siebje/) * (@siebje) * [11 years, 2 months ago](https://wordpress.org/support/topic/weak-password-general-message/#post-5518127) * Hi Daniel, * Thanks for the answers. Any more info about QS 2 and your plans? * Kind regards, * Willem Viewing 3 replies - 1 through 3 (of 3 total) The topic ‘Weak password, general message?’ is closed to new replies. * ![](https://s.w.org/plugins/geopattern-icon/login-security-solution.svg) * [Login Security Solution](https://wordpress.org/plugins/login-security-solution/) * [Frequently Asked Questions](https://wordpress.org/plugins/login-security-solution/#faq) * [Support Threads](https://wordpress.org/support/plugin/login-security-solution/) * [Active Topics](https://wordpress.org/support/plugin/login-security-solution/active/) * [Unresolved Topics](https://wordpress.org/support/plugin/login-security-solution/unresolved/) * [Reviews](https://wordpress.org/support/plugin/login-security-solution/reviews/) * 3 replies * 2 participants * Last reply from: [Willem-Siebe](https://wordpress.org/support/users/siebje/) * Last activity: [11 years, 2 months ago](https://wordpress.org/support/topic/weak-password-general-message/#post-5518127) * Status: resolved