WordPress.org

Make WordPress Core

Opened 7 weeks ago

Closed 7 weeks ago

#48910 closed enhancement (duplicate)

Restrict common user names when user registers/while WP installation

Reported by: guddu1315 Owned by:
Milestone: Priority: normal
Severity: normal Version: 5.3
Component: Security Keywords:
Focuses: Cc:
PR Number:

Description

Hello

While the installation of WordPress, user can use any names as usernames such as 'admin', 'administrator', 'user', 'root', 'webadmin', 'webmaster', 'test' etc.
These are very common & predictable usernames. Along with easy password and easy username it becomes really easy for anyone to get into backend.

We have password strength indicator. And a checkbox for user to accept that he is okay with using the weak password. But nothing for username.

There should be some restriction on usernames. Users should not be able to add some of the common usernames. If they want to use the restricted words then there should a checkbox informing them that this might be vulnerable to the site.

Thank you.

Attachments (1)

restrict-user-names.png (77.1 KB) - added by guddu1315 7 weeks ago.

Download all attachments as: .zip

Change History (2)

#1 @SergeyBiryukov
7 weeks ago

  • Milestone Awaiting Review deleted
  • Resolution set to duplicate
  • Status changed from new to closed

Hi there, welcome to WordPress Trac!

Thanks for the ticket, we're already tracking this enhancement in #39645.

Note: See TracTickets for help on using tickets.