False invalid usernames

Viewing 5 replies - 1 through 5 (of 5 total)

  • Hi Phillip,

    That’s a definite possibility. Does the Modal/AJAX method add the users to the WordPress user database? The WordPress user DB is where Wordfence looks for existing users. Would it be possible to test by creating a new user via regular WordPress and see if the block happens with that user?

    Thanks,
    Brian

    For what it’s worth, I have this problem for one user who uses Lastpass for automated login. His user name is in the DB, and is correct in Lastpass, but when he tries to use Lastpass it results in invalid user name and a Wordfence lockout. We’ve spent a few hours trying different things and nothing seems to fix this other than the user going back to manually entering his credentials. It’s been super frustrating.

    So, is there a chance your users are trying to log in using a password manager?

    MTN

    Thread Starter wpcrank_phil

    (@wpcsphil)

    Thanks much for your help guys. I’m going to setup a duplicate site and see if I can figure it out more. Appreciate the pointers in some possible directions. I know I have pains with LastPass sometimes personally having to submit a couple times on WP logins.

    Brian, the system does put them into the standard WP Users system / table. I’m wondering if it’s a caching plugin issue as well.

    Thanks again, will keep digging!

    Well, it’s 8 months later and we still have this problem with Wordfence. Sigh.

    LastPass was hacked July, 2016. Must read: https://www.hackread.com/lastpass-hacked-this-time-for-good/

    They say its hacked for good.

Viewing 5 replies - 1 through 5 (of 5 total)
  • The topic ‘False invalid usernames’ is closed to new replies.