[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fwgunvSY5h1-6IarVBtZthv4FU2-1jT-H8StbTLFYB5k":3},{"slug":4,"display_name":5,"profile_url":6,"plugin_count":7,"total_installs":8,"avg_security_score":9,"avg_patch_time_days":10,"trust_score":11,"computed_at":12,"plugins":13},"convissor","Daniel Convissor","https:\u002F\u002Fprofiles.wordpress.org\u002Fconvissor\u002F",1,4000,85,30,84,"2026-04-04T17:18:33.733Z",[14],{"slug":15,"name":16,"version":17,"author":5,"author_profile":6,"description":18,"short_description":19,"active_installs":8,"downloaded":20,"rating":21,"num_ratings":22,"last_updated":23,"tested_up_to":24,"requires_at_least":25,"requires_php":26,"tags":27,"homepage":33,"download_link":34,"security_score":9,"vuln_count":35,"unpatched_count":35,"last_vuln_date":36,"fetched_at":37},"login-security-solution","Login Security Solution","0.56.0","\u003Cp>A simple way to lock down login security for multisite and regular\u003Cbr \u002F>\nWordPress installations.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\n\u003Cp>Blocks brute force and dictionary attacks without inconveniencing\u003Cbr \u002F>\nlegitimate users or administrators\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Tracks IP addresses, usernames, and passwords\u003C\u002Fli>\n\u003Cli>Monitors logins made by form submissions, XML-RPC requests and\u003Cbr \u002F>\nauth cookies\u003C\u002Fli>\n\u003Cli>If a login failure uses data matching a past failure, the plugin\u003Cbr \u002F>\nslows down response times.  The more failures, the longer the delay.\u003Cbr \u002F>\nThis limits attackers ability to effectively probe your site,\u003Cbr \u002F>\nso they’ll give up and go find an easier target.\u003C\u002Fli>\n\u003Cli>If an account seems breached, the “user” is immediately logged out\u003Cbr \u002F>\nand forced to use WordPress’ password reset utility.  This prevents\u003Cbr \u002F>\nany damage from being done and verifies the user’s identity.  But\u003Cbr \u002F>\nif the user is coming in from an IP address they have used in the\u003Cbr \u002F>\npast, an email is sent to the user making sure it was them logging in.\u003Cbr \u002F>\nAll without intervention by an administrator.\u003C\u002Fli>\n\u003Cli>Can notify the administrator of attacks and breaches\u003C\u002Fli>\n\u003Cli>Supports IPv6\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Thoroughly examines and enforces password strength.  Includes full\u003Cbr \u002F>\nUTF-8 character set support if PHP’s \u003Ccode>mbstring\u003C\u002Fcode> extension is enabled.\u003Cbr \u002F>\nThe tests have caught every password dictionary entry I’ve tried.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Minimum length (customizable)\u003C\u002Fli>\n\u003Cli>Doesn’t match blog info\u003C\u002Fli>\n\u003Cli>Doesn’t match user data\u003C\u002Fli>\n\u003Cli>Must either have numbers, punctuation, upper and lower case characters\u003Cbr \u002F>\nor be very long.  Note: alphabets with only one case (e.g. Arabic,\u003Cbr \u002F>\nHebrew, etc.) are automatically exempted from the upper\u002Flower case\u003Cbr \u002F>\nrequirement.\u003C\u002Fli>\n\u003Cli>Non-sequential codepoints\u003C\u002Fli>\n\u003Cli>Non-sequential keystrokes (custom sequence files can be added)\u003C\u002Fli>\n\u003Cli>Not in the password dictionary files you’ve provided (if any)\u003C\u002Fli>\n\u003Cli>Decodes “leet” speak\u003C\u002Fli>\n\u003Cli>The password\u002Fphrase is not found by the \u003Ccode>dict\u003C\u002Fcode> dictionary\u003Cbr \u002F>\nprogram (if available)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Blocks discovering user names via the “?author=” query string\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Password aging (optional) (not recommended)\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Users need to change password every x days (customizable)\u003C\u002Fli>\n\u003Cli>Grace period for picking a new password (customizable)\u003C\u002Fli>\n\u003Cli>Remembers old passwords (quantity is customizable)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Administrators can require all users to change their passwords\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Done via a flag in each user’s database entry\u003C\u002Fli>\n\u003Cli>No mail is sent, keeping your server off of spam lists\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Logs out idle sessions (optional) (idle time is customizable)\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Maintenance mode (optional)\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Publicly viewable content remains visible\u003C\u002Fli>\n\u003Cli>Disables logins by all users, except administrators\u003C\u002Fli>\n\u003Cli>Logs out existing sessions, except administrators\u003C\u002Fli>\n\u003Cli>Disables posting of comments\u003C\u002Fli>\n\u003Cli>Useful for maintenance or emergency reasons\u003C\u002Fli>\n\u003Cli>This is separate from WordPress’ maintenance mode\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Prevents information disclosures from failed logins\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Improvements Over Similar WordPress Plugins\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Multisite network support\u003C\u002Fli>\n\u003Cli>Monitors authentication cookies for bad user names and hashes\u003C\u002Fli>\n\u003Cli>Tracks logins from XML-RPC requests\u003C\u002Fli>\n\u003Cli>Adjusts WordPress’ password policy user interfaces\u003C\u002Fli>\n\u003Cli>Takes security seriously so the plugin itself does not open your site\u003Cbr \u002F>\nto SQL, HTML, or header injection vulnerabilities\u003C\u002Fli>\n\u003Cli>Notice-free code means no information disclosures if \u003Ccode>display_errors\u003C\u002Fcode>\u003Cbr \u002F>\nis on and \u003Ccode>error_reporting\u003C\u002Fcode> includes \u003Ccode>E_NOTICE\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>Only loads files, actions, and filters needed for enabled options\u003Cbr \u002F>\nand the page’s context\u003C\u002Fli>\n\u003Cli>Provides an option to have deactivation remove all of this plugin’s\u003Cbr \u002F>\ndata from the database\u003C\u002Fli>\n\u003Cli>Uses WordPress’ features rather than fighting or overriding them\u003C\u002Fli>\n\u003Cli>No advertising, promotions, or beacons\u003C\u002Fli>\n\u003Cli>Proper internationalization support\u003C\u002Fli>\n\u003Cli>Clean, documented code\u003C\u002Fli>\n\u003Cli>Unit tests covering 100% of the main class\u003C\u002Fli>\n\u003Cli>Internationalized unit tests\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>For reference, the similar plugins include:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002F6scan-protection\u002F\" rel=\"ugc\">6Scan Security\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fbetter-wp-security\u002F\" rel=\"ugc\">Better WP Security\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fenforce-strong-password\u002F\" rel=\"ugc\">Enforce Strong Password\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fforce-strong-passwords\u002F\" rel=\"ugc\">Force Strong Passwords\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Flimit-login-attempts\u002F\" rel=\"ugc\">Limit Login Attempts\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Flogin-lock\u002F\" rel=\"ugc\">Login Lock\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Flogin-lockdown\u002F\" rel=\"ugc\">Login LockDown\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fpmc-lockdown\u002F\" rel=\"ugc\">PMC Lockdown\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fsimple-login-lockdown\u002F\" rel=\"ugc\">Simple Login Lockdown\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwordfence\u002F\" rel=\"ugc\">Wordfence Security\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwp-login-security\u002F\" rel=\"ugc\">WP Login Security\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwp-login-security-2\u002F\" rel=\"ugc\">WP Login Security 2\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Compatibility with Other Plugins\u003C\u002Fh4>\n\u003Cp>Some plugins provide similar functionality.  These overlaps can lead to\u003Cbr \u002F>\nconflicts during program execution.  Please read the FAQ!\u003C\u002Fp>\n\u003Ch4>Translations\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Deutsche, Deutschland (German, Germany) (de_DE) by Christian Foellmann\u003C\u002Fli>\n\u003Cli>Français, français (French, France) (fr_FR) by \u003Ca href=\"https:\u002F\u002Fprofiles.wordpress.org\u002Fmermouy\" rel=\"nofollow ugc\">mermouy\u003C\u002Fa> and and Fx Bénard\u003C\u002Fli>\n\u003Cli>Italiano, Italia (Italian, Italy) (it_IT) by Daniele Passalacqua\u003C\u002Fli>\n\u003Cli>日本語, 日本国 (Japanese, Japan) (ja_JP) by \u003Ca href=\"https:\u002F\u002Fprofiles.wordpress.org\u002Fmotoyamayuki\u002F\" rel=\"nofollow ugc\">motoyamayuki\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Nederlands, Nederland (Dutch, Netherlands) (nl_NL) by Friso van Wieringen\u003C\u002Fli>\n\u003Cli>polski, Polska (Polish, Poland) (pl_PL) by Michał Seweryniak \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fminiol\" rel=\"nofollow ugc\">miniol\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>Português, Brasil (Portugese, Brazil) (pt_BR) by Valdir Trombini\u003C\u002Fli>\n\u003Cli>suomi, Suomi (Finnish, Finland) (fi_FI) by Juha Remes \u003Ca href=\"https:\u002F\u002Fgithub.com\u002FNewman101\" rel=\"nofollow ugc\">Newman101\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Source Code, Bugs, and Feature Requests\u003C\u002Fh4>\n\u003Cp>Development of this plugin happens on\u003Cbr \u002F>\n\u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fconvissor\u002Flogin-security-solution\" rel=\"nofollow ugc\">GitHub\u003C\u002Fa>.\u003Cbr \u002F>\nPlease submit\u003Cbr \u002F>\n\u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fconvissor\u002Flogin-security-solution\u002Fissues\" rel=\"nofollow ugc\">bug and feature requests\u003C\u002Fa>,\u003Cbr \u002F>\n\u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fconvissor\u002Flogin-security-solution\u002Fpulls\" rel=\"nofollow ugc\">pull requests\u003C\u002Fa>,\u003Cbr \u002F>\n\u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fconvissor\u002Flogin-security-solution\u002Fwiki\" rel=\"nofollow ugc\">wiki entries\u003C\u002Fa>\u003Cbr \u002F>\nthere.\u003Cbr \u002F>\nReleases are then squashed and pushed to WordPress’\u003Cbr \u002F>\n\u003Ca href=\"https:\u002F\u002Fplugins.svn.wordpress.org\u002Flogin-security-solution\u002F\" rel=\"nofollow ugc\">Plugins SVN repository\u003C\u002Fa>.\u003Cbr \u002F>\nThis division is necessary due having being chastised that “the Plugins SVN\u003Cbr \u002F>\nrepository is a release system, not a development system.”\u003C\u002Fp>\n\u003Cp>Old tickets are in the \u003Ca href=\"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fquery?status=assigned&status=closed&status=new&status=reopened&component=login-security-solution&col=id&col=summary&col=status&col=owner&col=type&col=priority&col=component&desc=1&order=id\" rel=\"nofollow ugc\">Plugins Trac\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch4>Strong, Unique Passwords Are Important\u003C\u002Fh4>\n\u003Cp>Yeah, creating, storing\u002Fremembering, and using a \u003Cstrong>different\u003C\u002Fstrong>, \u003Cstrong>strong\u003C\u002Fstrong>\u003Cbr \u002F>\npassword for each site you use is a hassle.  \u003Cem>But it is absolutely\u003Cbr \u002F>\nnecessary.\u003C\u002Fem>\u003C\u002Fp>\n\u003Cp>Password lists get stolen on a regular basis from big name sites (like\u003Cbr \u002F>\nLinkedin for example!).  Criminals then have unlimited time to decode the\u003Cbr \u002F>\npasswords.  In general, 50% of those passwords are so weak they get figured\u003Cbr \u002F>\nout in a matter of seconds.  Plus there are computers on the Internet\u003Cbr \u002F>\ndedicated to pounding the sites with login attempts, hoping to get lucky.\u003C\u002Fp>\n\u003Cp>Many people use the same password for multiple sites.  Once an attacker\u003Cbr \u002F>\nfigures out your password on one site, they’ll try it on your accounts at\u003Cbr \u002F>\nother sites.  It gets ugly very fast.\u003C\u002Fp>\n\u003Cp>But don’t despair!  There are good, free tools that make doing the right\u003Cbr \u002F>\nthing a piece of cake.  For example: \u003Ca href=\"http:\u002F\u002Fwww.keepassx.org\u002F\" rel=\"nofollow ugc\">KeePassX\u003C\u002Fa>,\u003Cbr \u002F>\n\u003Ca href=\"http:\u002F\u002Fkeepass.info\u002F\" rel=\"nofollow ugc\">KeePass\u003C\u002Fa>,\u003Cbr \u002F>\nor \u003Ca href=\"https:\u002F\u002Fagilebits.com\u002Fonepassword\" rel=\"nofollow ugc\">1Password\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch4>Securing Your WordPress Site is Important\u003C\u002Fh4>\n\u003Cp>You’re probably thinking “There’s nothing valuable on my website. No one\u003Cbr \u002F>\nwill bother breaking into it.”  What you need to realize is that attackers\u003Cbr \u002F>\nare going after your visitors.  They put stealth code on your website\u003Cbr \u002F>\nthat pushes malware into your readers’ browsers.\u003C\u002Fp>\n\u003Cblockquote>\n\u003Cp>According to SophosLabs more than 30,000 websites are infected\u003Cbr \u002F>\n  every day and 80% of those infected sites are legitimate.\u003Cbr \u002F>\n  Eighty-five percent of all malware, including viruses, worms,\u003Cbr \u002F>\n  spyware, adware and Trojans, comes from the web. Today,\u003Cbr \u002F>\n  drive-by downloads have become the top web threat.\u003C\u002Fp>\n\u003Cp>— \u003Ca href=\"http:\u002F\u002Fwww.sophos.com\u002Fen-us\u002Fsecurity-news-trends\u002Freports\u002Fsecurity-threat-report\u002Fhtml-08.aspx\" rel=\"nofollow ugc\">\u003Cem>Security Threat Report 2012\u003C\u002Fem>\u003C\u002Fa>\u003C\u002Fp>\n\u003C\u002Fblockquote>\n\u003Cp>So if your site does get cracked, not only do you waste hours cleaning up,\u003Cbr \u002F>\nyour reputation gets sullied, security software flags your site as dangerous,\u003Cbr \u002F>\nand worst of all, you’ve inadvertently helped infect the computers of your\u003Cbr \u002F>\nclients and friends.  Oh, and if the attack involves malware, that malware\u003Cbr \u002F>\nhas probably gotten itself into your computer.\u003C\u002Fp>\n\u003Ch3>Actions\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>login_security_solution_insert_fail\u003C\u002Fli>\n\u003Cli>login_security_solution_notify_breach\u003C\u002Fli>\n\u003Cli>login_security_solution_notify_fail\u003C\u002Fli>\n\u003Cli>login_security_solution_fail_tier_dos\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Filters\u003C\u002Fh3>\n\u003Cp>The following filters allow customizing email subjects and messages.  If\u003Cbr \u002F>\neither the “subject”or “message” filters in a method returns an empty\u003Cbr \u002F>\nstring, the given method will skip calling \u003Ccode>wp_mail()\u003C\u002Fcode>.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>login_security_solution_notify_breach_subject\u003C\u002Fli>\n\u003Cli>login_security_solution_notify_breach_message\u003C\u002Fli>\n\u003Cli>login_security_solution_notify_breach_user_subject\u003C\u002Fli>\n\u003Cli>login_security_solution_notify_breach_user_message\u003C\u002Fli>\n\u003Cli>login_security_solution_notify_fail_subject\u003C\u002Fli>\n\u003Cli>login_security_solution_notify_fail_message\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Unit Tests\u003C\u002Fh4>\n\u003Cp>A thorough set of unit tests are found in the \u003Ccode>tests\u003C\u002Fcode> directory.\u003C\u002Fp>\n\u003Cp>The plugin needs to be installed and activated before running the tests.\u003C\u002Fp>\n\u003Cp>To execute the tests, \u003Ccode>cd\u003C\u002Fcode> into this plugin’s directory and\u003Cbr \u002F>\ncall \u003Ccode>phpunit tests\u003C\u002Fcode>\u003C\u002Fp>\n\u003Cp>Translations can be tested by changing the \u003Ccode>WPLANG\u003C\u002Fcode> value in \u003Ccode>wp-config.php\u003C\u002Fcode>.\u003C\u002Fp>\n\u003Cp>Please note that the tests make extensive use of database transactions.\u003Cbr \u002F>\nMany tests will be skipped if your \u003Ccode>wp_options\u003C\u002Fcode> and \u003Ccode>wp_usermeta\u003C\u002Fcode> tables\u003Cbr \u002F>\nare not using the \u003Ccode>InnoDB\u003C\u002Fcode> storage engine.\u003C\u002Fp>\n\u003Ch4>Removal\u003C\u002Fh4>\n\u003Col>\n\u003Cli>\n\u003Cp>This plugin offers the ability to remove all of this plugin’s settings\u003Cbr \u002F>\nfrom your database.  Go to WordPress’ “Plugins” admin interface and\u003Cbr \u002F>\nclick the “Settings” link for this plugin.  In the “Deactivate” entry,\u003Cbr \u002F>\nclick the “Yes, delete the damn data” button and save the form.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Use WordPress’ “Plugins” admin interface to click the “Deactivate” link\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Remove the \u003Ccode>login-security-solution\u003C\u002Fcode> directory from the server\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cp>In the event you didn’t pick the “Yes, delete the damn data” option or\u003Cbr \u002F>\nyou manually deleted the plugin, you can get rid of the settings by running\u003Cbr \u002F>\nthree queries.  These  queries are exapmles, using the default table name\u003Cbr \u002F>\nprefix of, \u003Ccode>wp_\u003C\u002Fcode>.  If you have changed your database prefix, adjust the\u003Cbr \u002F>\nqueries accordingly.\u003C\u002Fp>\n\u003Cpre>\u003Ccode>    DROP TABLE wp_login_security_solution_fail;\n\n    DELETE FROM wp_options WHERE option_name LIKE 'login-security-solution%';\n\n    DELETE FROM wp_usermeta WHERE meta_key LIKE 'login-security-solution%';= Inspiration and References =\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cul>\n\u003Cli>\n\u003Cp>Password Research\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ca href=\"http:\u002F\u002Farstechnica.com\u002Fsecurity\u002F2012\u002F08\u002Fpasswords-under-assault\u002F\" rel=\"nofollow ugc\">Why passwords have never been weaker — and crackers have never been stronger\u003C\u002Fa>, Dan Goodin\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"http:\u002F\u002Fwww.cl.cam.ac.uk\u002F~jcb82\u002Fdoc\u002FB12-IEEESP-evaluating_a_huge_password_corpus.pdf\" rel=\"nofollow ugc\">You can never have too many passwords: techniques for evaluating a huge corpus\u003C\u002Fa>, Joseph Bonneau\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"http:\u002F\u002Fwww.cs.ru.nl\u002Fbachelorscripties\u002F2010\u002FMartin_Devillers___0437999___Analyzing_password_strength.pdf\" rel=\"nofollow ugc\">Analyzing Password Strength\u003C\u002Fa>, Martin Devillers\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"http:\u002F\u002Fwww.imperva.com\u002Fdocs\u002FWP_Consumer_Password_Worst_Practices.pdf\" rel=\"nofollow ugc\">Consumer Password Worst Practices\u003C\u002Fa>, Imperva\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"http:\u002F\u002Fwww.bryanrite.com\u002Fpreventing-brute-force-attacks-on-your-web-login\u002F\" rel=\"nofollow ugc\">Preventing Brute Force Attacks on your Web Login\u003C\u002Fa>, Bryan Rite\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"http:\u002F\u002Fxkcd.com\u002F936\u002F\" rel=\"nofollow ugc\">Password Strength\u003C\u002Fa>, Randall Munroe\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Technical Info\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ca href=\"http:\u002F\u002Fdoc.infosnel.nl\u002Fextreme_utf-8.html\" rel=\"nofollow ugc\">The Extreme UTF-8 Table\u003C\u002Fa>, infosnel.nl\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"http:\u002F\u002Ftools.ietf.org\u002Fhtml\u002Frfc5952\" rel=\"nofollow ugc\">A Recommendation for IPv6 Address Text Representation\u003C\u002Fa>, Seiichi Kawamura and Masanobu Kawashima\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>Password Lists\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ca href=\"http:\u002F\u002Fdazzlepod.com\u002Fsite_media\u002Ftxt\u002Fpasswords.txt\" rel=\"nofollow ugc\">Dazzlepod Password List\u003C\u002Fa>, Dazzlepod\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"http:\u002F\u002Fwww.searchlores.org\u002Fcommonpass1.htm\" rel=\"nofollow ugc\">Common Passwords\u003C\u002Fa>, Fravia\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"http:\u002F\u002Fwww.whatsmypass.com\u002Fthe-top-500-worst-passwords-of-all-time\" rel=\"nofollow ugc\">The Top 500 Worst Passwords of All Time\u003C\u002Fa>, Mark Burnett\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>To Do\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Provide a user interface to the \u003Ccode>fail\u003C\u002Fcode> table.\u003C\u002Fli>\n\u003C\u002Ful>\n","Security against brute force attacks by tracking IP, name, password; requiring very strong passwords. Idle timeout. Maintenance mode lockdown.",290214,88,54,"2017-11-28T10:46:00.000Z","4.4.34","3.3","",[28,29,30,31,32],"login","password","passwords","strength","strong","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Flogin-security-solution\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Flogin-security-solution.zip",0,null,"2026-03-15T15:16:48.613Z"]