Genericize WordPress Login Errors

When log­ging into Word­Press, if you make any mis­takes with your user­name or pass­word, you may have noticed that the error mes­sages Word­Press pro­vides are very spe­cif­ic. If you get your pass­word wrong, you get a mes­sage that says, “The pass­word you entered for the user­name User­name is incor­rect,” while if you get your user­name wrong, the mes­sage reads, “Invalid username.”

While this isn’t a huge deal, if some­body is try­ing to break into your site, Word­Press con­firms to them that they have cor­rect­ly deter­mined your user­name. (User­names are revealed pub­licly in var­i­ous places around a Word­Press site, but for the secu­ri­ty con­scious, it is like­ly pos­si­ble to pre­vent that, allow­ing you to keep your login cre­den­tials private.)

I’ve seen instruc­tions for fix­ing Word­Press’ login errors to not reveal too much infor­ma­tion on a vari­ety of sites, but all of them sim­ply remove the whole damn error mes­sage. In oth­er words, using their method, if you made a mis­take log­ging in, you sim­ply stay on the login page, with an emp­ty alert box above the login form. That is sim­ply unac­cept­able (and is very lazy on the part of who­ev­er orig­i­nal­ly came up with that method).

A bet­ter solu­tion is to drop the fol­low­ing into your custom_functions.php file. You’ll of course want to mod­i­fy the strings to match what­ev­er lan­guage your login page may be pre­sent­ed in!






One response to “Genericize WordPress Login Errors”

  1. Kevin McGillivray Avatar
    Kevin McGillivray

    Thanks you! I’ve been read­ing arti­cles all morn­ing about how to remove the error mes­sage alto­geth­er and that’s just bad form. This was very helpful.

Join the Discussion

Your email address will not be published. Required fields are marked *

Use your Gravatar-enabled email address while commenting to automatically enhance your comment with some of Gravatar's open profile data.

Comments must be made in accordance with the comment policy. This site uses Akismet to reduce spam; learn how your comment data is processed.

You may use Markdown to format your comments; additionally, these HTML tags and attributes may be used: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>

Rick Beckman