wp-login.php and BWP reCaptcha | WordPress.org

Diplo
(@diplo)

9 years, 12 months ago

Hi Khang Minh,

We’re using BWP reCaptcha to diminish brute force attacks to our WP site. However, reCaptcha only works when the user credentials are validated. Therefore, a bot can try to login as many times that it wants without filling reCaptcha at all. If it finds the right credentials, the bot owner just has to type the reCaptcha and then (s)he can log in.

Ideally, WP should validate credentials AND reCaptcha, is this possible?

Cheers,

Diplo

https://wordpress.org/plugins/bwp-recaptcha/

Viewing 3 replies - 1 through 3 (of 3 total)

Plugin Author Khang Minh
(@oddoneout)

9 years, 11 months ago

Yes this has been reported by another user as well and I’m looking into it. I will update this topic whenever this is fixed, please stay tuned.

Thread Starter Diplo
(@diplo)

9 years, 11 months ago

Great, good luck with it 🙂

Plugin Author Khang Minh
(@oddoneout)

9 years, 9 months ago

Can you test again with version 1.1.1? Thanks.

Viewing 3 replies - 1 through 3 (of 3 total)

The topic ‘wp-login.php and BWP reCaptcha’ is closed to new replies.

In: Plugins
3 replies
2 participants
Last reply from: Khang Minh
Last activity: 9 years, 9 months ago
Status: not resolved