Make WordPress Core

Opened 5 years ago

Closed 5 years ago

#48910 closed enhancement (duplicate)

Restrict common user names when user registers/while WP installation

Reported by: guddu1315's profile guddu1315 Owned by:
Milestone: Priority: normal
Severity: normal Version: 5.3
Component: Security Keywords:
Focuses: Cc:

Description

Hello

While the installation of WordPress, user can use any names as usernames such as 'admin', 'administrator', 'user', 'root', 'webadmin', 'webmaster', 'test' etc.
These are very common & predictable usernames. Along with easy password and easy username it becomes really easy for anyone to get into backend.

We have password strength indicator. And a checkbox for user to accept that he is okay with using the weak password. But nothing for username.

There should be some restriction on usernames. Users should not be able to add some of the common usernames. If they want to use the restricted words then there should a checkbox informing them that this might be vulnerable to the site.

Thank you.

Attachments (1)

restrict-user-names.png (77.1 KB) - added by guddu1315 5 years ago.

Download all attachments as: .zip

Change History (2)

#1 @SergeyBiryukov
5 years ago

  • Milestone Awaiting Review deleted
  • Resolution set to duplicate
  • Status changed from new to closed

Hi there, welcome to WordPress Trac!

Thanks for the ticket, we're already tracking this enhancement in #39645.

Note: See TracTickets for help on using tickets.