Use ithemes security compromised password feature

  • Resolved Zoker

    (@zoker)


    2 years, 5 months ago

    Hi there,

    Ithemes Security provides a function, that checks is a password was published in a security breach. This integrates well with the default wordpress sign up/login process.
    But when a user registers via ultimate member, this feature is not available anymore. So a user can register a new account with a password that has been compromised.
    It would be nice, if UM could integrate with the ithemes security breach function or even better provide it’s own function, that does that (this would benefit also sites, that do not use ithemes security as security plugin).

    If you want to see how ithemes security does it, download the plugin from there:
    https://de.www.ads-software.com/plugins/better-wp-security/

    Then look at the folder:
    /core/modules/hibp

    There you find all the information needed for this function! Thanks!

Viewing 3 replies - 1 through 3 (of 3 total)
  • Plugin Support Aswin Giri

    (@aswingiri)

    Hello @zoker

    Ultimate member is not currently integrated with ithemes security breach but it has its own strong password validation. You can check “Force strong password?” checkbox on password field settings to enable it. Please check this screenshot.

    Plugin Support Ultimate Member Support

    (@ultimatemembersupport)

    Hello @zoker

    Please feel free to re-open this thread by changing the Topic Status to ‘Not Resolved’ if any other questions come up and we’d be happy to help. ??

    Regards,

    Thread Starter Zoker

    (@zoker)

    Hi Aswin,

    Yes but a password can be strong but still compromised, so it would be nice, if you could consider adding this feature to UM. Thanks!

Viewing 3 replies - 1 through 3 (of 3 total)
  • The topic ‘Use ithemes security compromised password feature’ is closed to new replies.