[wp-trac] [WordPress Trac] #14575: Potentially misleading error message for incorrect_password login error
WordPress Trac
wp-trac at lists.automattic.com
Mon Aug 9 22:55:46 UTC 2010
#14575: Potentially misleading error message for incorrect_password login error
--------------------------+-------------------------------------------------
Reporter: mdawaffe | Owner:
Type: defect (bug) | Status: new
Priority: normal | Milestone: 3.1
Component: UI | Version: 3.0.1
Severity: minor | Keywords: has-patch
--------------------------+-------------------------------------------------
When a user attempts to log in with an incorrect password, the
incorrect_password error returned by
{{{wp_authenticate_username_password()}}} has the following message.
> Incorrect password.
If, instead, the user entered the correct password but for the wrong
(though existing) account, the error response is the same. In that
situation the message in unhelpful and potentially misleading.
For example, a site might have users 'bobbybluefoot' and 'boobybluefoot'.
If bobbybluefoot mistypes his username as boobybluefoot, and enters his
password, he gets an "Incorrect password" error.
Attached changes the error message to match the error returned by
{{{wp_authenticate()}}}.
> Invalid username or incorrect password.
--
Ticket URL: <http://core.trac.wordpress.org/ticket/14575>
WordPress Trac <http://core.trac.wordpress.org/>
WordPress blogging software
More information about the wp-trac
mailing list