#44552 closed feature request (duplicate)
Better security for wp-admin console
Reported by: |
|
Owned by: | |
---|---|---|---|
Milestone: | Priority: | normal | |
Severity: | normal | Version: | 4.9.7 |
Component: | Administration | Keywords: | |
Focuses: | ui, administration | Cc: |
Description
There are a number of plugins designed to address these issues, but including these features by default would solve a lot of security problems out of the gate and would be more secure / reliable than depending on 3rd party plugin developers:
- 2 factor authentication
- ability to hide / change the login url to something different (to help prevent bruteforce), e.g. "admin.example.com"
Change History (4)
#1
follow-up:
↓ 2
@
7 years ago
- Milestone Awaiting Review deleted
- Resolution set to duplicate
- Status changed from new to closed
#2
in reply to:
↑ 1
@
6 years ago
Replying to swissspidy:
Please check out the https://wordpress.org/plugins/two-factor/ feature project. Feature projects are projects that usually start with research and a PoC plugin. If it proves to be a great fit for core, it can be proposed for merge into WordPress itself.
FWIW this plugin is not currently featured on the list of feature projects
Note: See
TracTickets for help on using
tickets.
Hi and welcome to WordPress Trac!
These questions have come up multiple times before, so I'll close your ticket as a duplicate. However. I wanted to quickly go through them:
I don't think we can expect the majority of WordPress users to understand and use 2FA. That's why the plugin ecosystem is so great. See also #32247.
Please check out the https://wordpress.org/plugins/two-factor/ feature project. Feature projects are projects that usually start with research and a PoC plugin. If it proves to be a great fit for core, it can be proposed for merge into WordPress itself.
You can learn more about that here: https://make.wordpress.org/core/features/
This is just security through obscurity and doesn't really help with anything. See #13118 and #7194 for why we won't do this.