Inspired by how Facebook assists their users when they log in, I decided to implement something like the same for WordPress. The other day, I came across a tweet with a screenshot that indicates that Facebook does some interesting permutations of the supplied password when authorizing users:
I thought this was a brilliant idea, and wanted to see if I could implement something like this in WordPress. The result (so far) is some code that runs a few tests on the provided password and retests the password.
More exactly what this does, is when the user’s password fail, we try some permutations of the password, to correct for:
If an extra whitespace was added at the beginning or the end of the password.
So here’ the code I made as a proof of concept. It works with any properly coded hashing pluggables, like Roots’ WP Password bcrypt. You can just download this file and drop it in your mu-plugins directory.
<?php
/**
* Test a bunch of permutations of the password when logging into WordPress.
*
* Drop this file in your mu-plugins directory.
* Inspired by Facebook: https://twitter.com/gcpascutto/status/821755332984717314/photo/1
* Works with any properly coded hashing pluggables,
Source: https://managewp.org/articles/14345/giving-users-a-helping-hand-when-authorizing-them-in-wordpress
source https://williechiu40.wordpress.com/2017/02/07/giving-users-a-helping-hand-when-authorizing-them-in-wordpress/
No comments:
Post a Comment