WP-Safety

Force Login With Email Security & Risk Analysis

wordpress.org/plugins/force-login-with-email

Enable login in WordPress only with user e-mail address.

200 active installs v1.0.5 PHP 5.6+ WP 4.0+ Updated Jul 13, 2020
authenticationemailloginusername
85
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is Force Login With Email Safe to Use in 2026?

Generally Safe

Score 85/100

Force Login With Email has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 5yr ago
Risk Assessment

The "force-login-with-email" v1.0.5 plugin exhibits a remarkably strong security posture based on the provided static analysis. The absence of any detected dangerous functions, raw SQL queries, unescaped output, file operations, external HTTP requests, or nonce/capability checks is a testament to good coding practices. The attack surface is effectively zero, meaning there are no readily identifiable entry points for attackers to exploit. Furthermore, the plugin has no known past vulnerabilities, which suggests a history of secure development and maintenance.

Vulnerabilities
None known

Force Login With Email Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 16, 2026

Force Login With Email Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
0 prepared
Unescaped Output
0
0 escaped
Nonce Checks
0
Capability Checks
0
File Operations
0
External Requests
0
Bundled Libraries
0
Attack Surface

Force Login With Email Attack Surface

Entry Points0
Unprotected0
WordPress Hooks 5
actionadmin_initforce-login-with-email-options.php:28
actionadmin_menuforce-login-with-email-options.php:29
filterauthenticateforce-login-with-email.php:46
filtergettextforce-login-with-email.php:65
filterlogin_initforce-login-with-email.php:67
Maintenance & Trust

Force Login With Email Maintenance & Trust

Maintenance Signals

WordPress version tested5.4.19
Last updatedJul 13, 2020
PHP min version5.6
Downloads9K

Community Trust

Rating0/100
Number of ratings0
Active installs200
Alternatives

Force Login With Email Alternatives

Duo Two-Factor Authentication

Duo Two-Factor Authentication

duo-wordpress

A
100

Easily add Duo Security two-factor authentication to your WordPress website. Enable two-factor authentication for your admins and/or users.

3K No CVEs
No Login by Email Address

No Login by Email Address

no-login-by-email-address

A
100

Removes the ability to login using the email address instead of the username.

1K No CVEs
Login with Username or Email

Login with Username or Email

login-with-username-or-email

A
85

Allow users to login with Email or Username while logging in to Wordpress.

100 No CVEs
Email OTP Login

Email OTP Login

email-otp-login

A
100

Adds OTP (One-Time Password) verification after login for enhanced security in WordPress. OTP is sent to the user's email.

30 No CVEs
Gp user Login With EMail-ID

Gp user Login With EMail-ID

gp-user-login-with-email-id

A
85

Allow user to login with their Email ID.

10 No CVEs
Developer Profile

Force Login With Email Developer Profile

MarcosAlexandre

2 plugins · 210 total installs

84
trust score
Avg Security Score
85/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect Force Login With Email

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

HTML / DOM Fingerprints

FAQ

Frequently Asked Questions about Force Login With Email