[wp-hackers] Wordpress Event Viewer Plugin
Brian at TheCodeCave.com
Tue Apr 3 13:15:54 GMT 2007
A word of warning, please realize that some users will be highly offended if
they find out failed passwords are logged in plain text anywhere in the
system. You would be logging failed attempts by valid users as well as fake
There's a disconnect in peoples' minds between the fact that they are
sending a password to a webserver and the fact that it can be read by the
people who run the site. The thought that some sites are likely created
just to harvest passwords is a bit bothersome, but I'm sure its true. I
just hope it's not true of any really popular sites.
I once saw someone write one of these plugins for another web app and they
had it email the invalid login attempts (with mistyped passwords) to the
admin email address. Well the admin email address for this site delivered a
list of about 20 people. So those people all saw the mistyping and pretty
much could guess at what the passwords really should have been. That
included failed admin logins too Also users tried alternative passwords
that had been used at other sites and they thought they had used at this
site too. Since each admin had different privileges, this was a complete
security breakdown. The plugin was quickly turned off.
There are some real-life issues here. The passwords are stored in an
"encrypted" field in WordPress for a reason. I'd also worry that if you
included a failed password logging feature, someone would hack your plugin
to simply always email the passwords out for every login. That wouldn't be
your responsibility, but the plugin is probably easier to decipher than the
actual WP log in code is. And it is something to consider.
So, basically if I added a feature like that, I would make certain to
restrict log access to the admins and to use a nonce so that browsing or
posting directly to the log viewing page is only allowed by those admins. I
would also make it optional and leave it off by default. But that's just
me. Some might not have any problem at all with this.
More information about the wp-hackers