[wp-trac] [WordPress Trac] #12129: Generic login failure message
WordPress Trac
noreply at wordpress.org
Tue Apr 16 12:40:15 UTC 2013
#12129: Generic login failure message
-------------------------+------------------------------
Reporter: scohoust | Owner: ryan
Type: enhancement | Status: reopened
Priority: low | Milestone: Awaiting Review
Component: Security | Version:
Severity: major | Resolution:
Keywords: 2nd-opinion |
-------------------------+------------------------------
Comment (by lumpysimon):
Replying to [comment:5 bobbingwide]:
> Should this be revisited in light of the current scare?
The current scare is about a massive automated attack, changing the error
message won't make any difference to that.
However, I do think a generic message is a positive, if small, security
enhancement against individual attacks. I currently implement it on all my
clients' sites via the `login_errors` filter and have no reports of users
being negatively affected by it.
--
Ticket URL: <http://core.trac.wordpress.org/ticket/12129#comment:7>
WordPress Trac <http://core.trac.wordpress.org/>
WordPress blogging software
More information about the wp-trac
mailing list