[wp-hackers] Possible security patch
feeds at armeda.com
Mon Dec 7 17:22:27 UTC 2009
> Mark Jaquith wrote:
>> I think I have a better method of tackling this issue: We now prompt
>> the user in the wp-admin when they are using the default install
>> password or a reset password. What about if we do a similar prompt if
>> "admin" is the only user on the blog, suggesting that they create a
>> second user name and use THAT for posting?
> What about simply asking the user about renaming 'admin' to
> something more
What about a second built-in account specifically built for posting
and simply asking the user to rename this account. I think we separate
them all together so there is no confusion.
More information about the wp-hackers