[wp-trac] [WordPress Trac] #44994: Do not allow same password for Protected Posts
WordPress Trac
noreply at wordpress.org
Wed Sep 26 16:35:17 UTC 2018
#44994: Do not allow same password for Protected Posts
-------------------------------+------------------------------
Reporter: szshezan | Owner: (none)
Type: enhancement | Status: closed
Priority: normal | Milestone: Awaiting Review
Component: Posts, Post Types | Version:
Severity: normal | Resolution: invalid
Keywords: | Focuses: accessibility
-------------------------------+------------------------------
Changes (by mukesh27):
* keywords: 2nd-opinion =>
* status: new => closed
* resolution: => invalid
Comment:
Hi @szshezan i have check it and it's good idea to add unique password for
Password protected functionality but if we add unique password
functionality it break security.
for example i have set one password for one post called "Test 01" with
password "testpost at 123" and other use from same WP setup try to set
password for other post with "testpost at 123" then we will show error there
so he/she knows that this same password is bind for any other post and
this is not good for security purpose.
So i think it is not good to add unique password for each post.
Now going to close this ticket as it not good for security.
--
Ticket URL: <https://core.trac.wordpress.org/ticket/44994#comment:3>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list