Opened 5 years ago
Closed 5 years ago
#48910 closed enhancement (duplicate)
Restrict common user names when user registers/while WP installation
Reported by: | guddu1315 | Owned by: | |
---|---|---|---|
Milestone: | Priority: | normal | |
Severity: | normal | Version: | 5.3 |
Component: | Security | Keywords: | |
Focuses: | Cc: |
Description
Hello
While the installation of WordPress, user can use any names as usernames such as 'admin', 'administrator', 'user', 'root', 'webadmin', 'webmaster', 'test' etc.
These are very common & predictable usernames. Along with easy password and easy username it becomes really easy for anyone to get into backend.
We have password strength indicator. And a checkbox for user to accept that he is okay with using the weak password. But nothing for username.
There should be some restriction on usernames. Users should not be able to add some of the common usernames. If they want to use the restricted words then there should a checkbox informing them that this might be vulnerable to the site.
Thank you.
Attachments (1)
Change History (2)
Note: See
TracTickets for help on using
tickets.
Hi there, welcome to WordPress Trac!
Thanks for the ticket, we're already tracking this enhancement in #39645.