• This is a clever plugin. I wasn’t sure what it did at first, but it’s pretty simple. What this plugin does is bypass the default Login button. You must drag or create a sort of ‘dongle’ bookmark to replace the default Login button per the instructions after you activate the plugin.

    So once you’ve filled out your username, password, captcha if applicable, you must use the ‘dongle’ instead of the Login button to login. Otherwise you get the warning message you set up.

    So not only does someone need the ‘dongle’, they also need the Response to the Challenge.

    Cool idea.

    https://www.ads-software.com/extend/plugins/login-dongle/

Viewing 14 replies - 1 through 14 (of 14 total)
  • makes sense, since nobody but the admin need know the login page to begin with.

    But i’m already using a strong password from

    https://strongpasswordgenerator.com/

    So not too worried. Also i have that limit login plugin that will lock people out after 4-5 incorrect tries. If i see someone with the same ip constantly doing that, i’d just add their ip to my banlist :X

    I agree with MickeyRoush. I very liked this plugin.

    I think I must be an idiot! I understand the dongle. What I’m trying to do is put a login button on a sidebar, and then give my editors a dongle so they can easily signin and write articles, post events, etc.

    When I activated the plugin, I set my dongle to something really easy. and here’s where I lost the plot.

    I didn’t change my admin password, so that should be fine. I then logged OUT of my weblog and tried to sign back in. I was presented with the WP login screen. I entered my userid/passcode, and got my login-dongle smarty pants response, “do I know you?”

    So, I’ve deleted the plugin. It’s too scary for someone who doesn’t understand it. I would love to implement it, if anyone was willing to walk me through the process after installation and addition of my personal dongle to my profile. I have no clue what comes after that. Magic?

    Thank you,
    Kittie Rue

    Plugin Author Andrea Ercolino

    (@aercolino)

    @kittierue

    I’ve answered your question here.

    Do you have a plan to add a translation file? It would be great.

    Plugin Author Andrea Ercolino

    (@aercolino)

    @kazancexpert

    I didn’t until a moment ago… I’ll look into it soon. Thanks for the suggestion.

    Plugin Author Andrea Ercolino

    (@aercolino)

    @kazancexpert

    I published the new version (1.4.1) with support for translations. I already added Spanish (and English is the base). I hope people know how to add new ones. I’ll be pleased to add them in future updates.

    Just wanted to drop by and say the plugin’s awesome! Just what I was looking for. Even though I changed my default WP username, and I’m using login lockout plugins, still I got rather annoying attempts at unauthorized logins.

    And “Login Dongle” is a perfect solution agains that, simple and highly effective. I love how it does not change the default login form, and the addition of making your customized error message – including html code, which gives you many possibilities with how to treat people who try unauthorized logins: you can show them an images, redirect them wherever you want, etc.

    Brilliant! And thank you for creating this thingy, Andrea!

    I haven’t installed this Plug-In yet. Does it work with WP Multisites? If so, how exactly? Do I have to install it on each Blog? Can I also use it for the network account?

    Andrea Ercolino, I can give you a German translation if you tell me how to or provide a list with all the text/terms that need to be translated.

    Plugin Author Andrea Ercolino

    (@aercolino)

    @robnonstop I really don’t know anything about WP Multisite… As for the German translation, you’ll find what you ask for in the translations directory of this plugin.

    This plugin has been my saviour. I have been under a brute force attack since Friday with over 300 attempts so far. I knew there had to be something that I could do. Limit logins sends me an email everytime someone gets locked out but this guy has some sort of script running using proxies so I have been getting 100’s of emails. But no more!
    Thank you.
    I do have a question though. If I install this on another blog can I use the same link from my browser bookmark bar or do I need 1 for each blog?
    If I need one for each how can I rename the link so that each is unique?
    Thanks once again for a great plugin

    Found my answer to the above, you need a separate link for each site, but you can rename them. Brilliant!!!!!

    Spoke too soon, this is not stopping hardly anything. Big disappointment.
    I will keep trying.

    Plugin Author Andrea Ercolino

    (@aercolino)

    Nothing to worry about: That’s how it’s supposed to be. When Login Dongle finds out that the account that is being accessed has a different challenge / response from what comes in from the internet, then it immediately denies access to that account, but it does not stop the login action. That allows other access plugins like Limit Login Attempts to do what they are supposed to, for example record the IP of the failed login.

    If after installing Login Dongle you still receive notifications of failed logins, they only mean to you that someone is attacking you automatically (running a program), not that they have any chance to get through. In that case you can go to the plugin that notifies you and tweak its settings so that you get less notifications or none at all.

Viewing 14 replies - 1 through 14 (of 14 total)
  • The topic ‘[Plugin: Login Dongle] Clever plugin’ is closed to new replies.