can't log in

Hi Justin,
not sure. In the past I never had a problem like this and i’m the only ‘webmaster’. Since october the problem suddenly appears. (My be update WP 4.0)
kind, Alice

Ok the htpasswd file is generating the plugin box, go open it in an editor and you should see a username and password inside (or indeed multiple) use those credentials in the pop up box and then add your normal WordPress credentials in the normal WordPress section.

If that works you can remove the password by opening your htaccess and looking for something that will be like:

AuthUserFile .htpasswd
AuthType Basic
AuthName "Admin Area"
Require valid-user

and removing the lines, alternatively you can modify the htpasswd file to include credentials of your choosing.

Hi Tim,
Thank you, removing the

AuthUserFile .htpasswd
AuthType Basic
AuthName “Admin Area”
Require valid-user

part did help.

I tried the credentails given in the passwdfile, but they didn’t work. So I removed the file too.

I still wonder where the htpasswd-file came from. In htaccess the path (the lines after-AuthUserFile) to the htpasswd-file was only for the last bit the same as my url. AuthName was wp-login.php.

Could this file have been of any damage?

kind, Alice

I’m guessing either yourself or your host put it there.
There is a small chance a plugin modified the htaccess file, but it’s unlikely as it shouldn’t have been sure it could write such files. Your host may have added this layer of protection as well. It’s unlikely it was put their maliciously.

However couple of things to make sure all your plugins are up to date, you might also want to visit https://sitecheck.sucuri.net/ and run a check on your site.

I’ll ask my host. Thanks for the help,
kind, Alice