pluginpunch

pluginpunch supports this item

Supported

This author's response time can be up to 1 business day.

5 comments found.

Thank you.

excellent work

Thank you.

the demo shows nothing extra than the normal wordpress user fields

Communication of account number is not in the scope of this plugin. This should be handled internally. This works on wp-login.php for all the user roles.

so this plugin only works for only one user website and not for a members page, because if a user don’t know their account number ..

It is working on wp-login. It is clear mentioned on item’s description.

Hi, I like the idea but the demo username and password is not working and as the comment above asks is this plugin only work on single user account or can I setup multiple user ID’s? thanks in advance.

Its not restricted to single user. It works with all users. Please try admin using:

U: devuser
p: devuser

zoxee

zoxee Purchased

Good plugin.

To improve the efficiency of this plugin even more, i recommend updating the Wordpress Administrator account, as it is the most targeted account on a WordPress blog or site.

By default the ID of the built-in WordPress administrator account is 1. Therefore unless you change the ID of the WordPress administrator to a higher random number, anyone can use the URL below to identify the WordPress administrator username, irrelevant of the WordPress permalinks configured on your WordPress. If the WordPress administrator ID is still set to 1 the user will be redirected to the below URL, where the new username is shown at the end of the URL.

To change the default WordPress administrator account ID you need to make changes to the WordPress database, therefore before proceeding with any changes backup your WordPress.

Before you change the WordPress administrator account ID also ensure that the administrator account does not have any posts or pages assigned to it. If it does, change the author of such posts or pages to a user with Author role manually or write an SQL query to change the author ID of such posts automatically.

Once you have done a WordPress database backup, connect to your WordPress database using the MySQL command line tool or the web based phpMyAdmin and execute the below queries on the WordPress database:

UPDATE wp_users SET ID = 1024 WHERE ID = 1;

The above MySQL query will change the default WordPress administrator user ID from 1 to 1024 in the wp_users table, i.e. where the user credentials are stored.

UPDATE wp_usermeta SET user_id = 1024 WHERE user_id = 1;

The above MySQL query will change the default WordPress administrator user ID from 1 to 1024 in the wp_usermeta table, where user related data is stored.

Always specify a high value for the new WordPress administrator ID. The higher the value is the less chances of it being discovered and the longer an attack will take.

Hope this helps someone. Good luck with sales!

Hi there,nu

Thank you for your feedback. Your approach is okay but messing up the ID itself is not recommended.

In the next update, we will come up with the masked ID. So, the admin ID will still remain the same but for each user being added form will be there to fill in the alpha-numeric / numeric data.

During login, plugin will do verification with masked ID, username and password.

Thanks again. for your feedback. Much appreciated.

zoxee

zoxee Purchased

That’s a good idea because at the current stage, anyone with a U & P could hack into a WP admin account by only inserting a “1” or a “2” in the account field 99% of the time.

Correct. IDs are guessable

by
by
by
by
by
by