• Resolved marco3253

    (@marco3253)


    Dear staff,

    I noticed that in the last few months some of the “blocked user logging in” emails I receive tell me that the last username they tried to use is a real username I have among the users on those websites.

    Usually, so far, they have tried common names (that I don’t use as usernames), so they are instantly blocked because the username does not exist.
    But recently I can see they are trying real usernames; in this case they have more chances to force the login instead of being immediately blocked.

    How do they do it? And why now? Is there something you can improve to avoid this kind of sniffing of usernames?

    Thank you

  • Hey @marco3253,

    It’s hard to say how they’re finding the usernames. A plugin or theme could be linking to them. As far as why now, it’s really pretty random. By default, usernames should be considered insecure. Strong passwords, reCAPTCHA, and Two-Factor should be relied on for login page security. There’s only so much we can do to prevent attacks; it’s more about making sure they aren’t successful, which it sounds like Wordfence is doing.

    Please let us know if anything else comes up.

    Thanks,

    Gerroald

    Thread Starter marco3253

    (@marco3253)

    Thank you @wfgerald

    I’m going to enable two-factor auth on the few websites where I can see they know the usernames.

    Thank you.

    Hey @marco3253,

    You bet!

    Please let us know if anything else comes up.

    Thanks,

    Gerroald

  • The topic ‘Sniffing usernames – now possibile?’ is closed to new replies.