Version Description
- Track a given IP, user name, password combination only once.
- Prevent "not a valid MySQL-Link resource" on auth cookie failure.
- Increase default value of login_fail_notify from 20 to 50.
- Add partial French translation. Settings page needs doing. Thanks mermouy!
Download this release
Release Info
Developer | convissor |
Plugin | Login Security Solution |
Version | 0.22.0 |
Comparing to | |
See all releases |
Code changes from version 0.21.0 to 0.22.0
- languages/login-security-solution-fr_FR.mo +0 -0
- languages/login-security-solution-fr_FR.po +660 -0
- languages/login-security-solution.pot +115 -114
- languages/updatepos.sh +8 -0
- login-security-solution.php +63 -7
- readme.txt +35 -3
- tests/AuthCookieBadTest.php +18 -0
- tests/LoginFailTest.php +22 -1
languages/login-security-solution-fr_FR.mo
ADDED
Binary file
|
languages/login-security-solution-fr_FR.po
ADDED
@@ -0,0 +1,660 @@
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
1 |
+
msgid ""
|
2 |
+
msgstr ""
|
3 |
+
"Project-Id-Version: Login Security Solution 0.22.0\n"
|
4 |
+
"Report-Msgid-Bugs-To: http://wordpress.org/support/plugin/login-security-"
|
5 |
+
"solution\n"
|
6 |
+
"POT-Creation-Date: 2012-08-17 00:42:14+00:00\n"
|
7 |
+
"PO-Revision-Date: 2012-07-14 09:16:30+0000\n"
|
8 |
+
"Last-Translator: mermouy <mermouy@gmail.com>\n"
|
9 |
+
"Language-Team: \n"
|
10 |
+
"MIME-Version: 1.0\n"
|
11 |
+
"Content-Type: text/plain; charset=UTF-8\n"
|
12 |
+
"Content-Transfer-Encoding: 8bit\n"
|
13 |
+
"Plural-Forms: nplurals=2; plural=n != 1;\n"
|
14 |
+
"X-Poedit-Language: French\n"
|
15 |
+
"X-Poedit-Country: FRANCE\n"
|
16 |
+
"X-Poedit-SourceCharset: utf-8\n"
|
17 |
+
"X-Poedit-KeywordsList: __;_e;__ngettext:1,2;_n:1,2;__ngettext_noop:1,2;"
|
18 |
+
"_n_noop:1,2;_c,_nc:4c,1,2;_x:1,2c;_ex:1,2c;_nx:4c,1,2;_nx_noop:4c,1,2;\n"
|
19 |
+
"X-Poedit-Basepath: ../\n"
|
20 |
+
"X-Poedit-Bookmarks: \n"
|
21 |
+
"X-Poedit-SearchPath-0: .\n"
|
22 |
+
"X-Textdomain-Support: yes\n"
|
23 |
+
|
24 |
+
#: admin.php:113 admin.php:363
|
25 |
+
msgid "Settings"
|
26 |
+
msgstr ""
|
27 |
+
|
28 |
+
#: admin.php:127
|
29 |
+
msgid "Change All Passwords"
|
30 |
+
msgstr ""
|
31 |
+
|
32 |
+
#: admin.php:128
|
33 |
+
msgid "Do not remind me about this"
|
34 |
+
msgstr ""
|
35 |
+
|
36 |
+
#: admin.php:129
|
37 |
+
msgid "Require All Passwords Be Changed"
|
38 |
+
msgstr ""
|
39 |
+
|
40 |
+
#: admin.php:144
|
41 |
+
msgid ""
|
42 |
+
"%s must be activated via the Network Admin interface when WordPress is in "
|
43 |
+
"multistie network mode."
|
44 |
+
msgstr ""
|
45 |
+
|
46 |
+
#: admin.php:250
|
47 |
+
msgid "Idle Timeout"
|
48 |
+
msgstr ""
|
49 |
+
|
50 |
+
#: admin.php:251
|
51 |
+
msgid ""
|
52 |
+
"Close inactive sessions after this many minutes. 0 disables this feature."
|
53 |
+
msgstr ""
|
54 |
+
|
55 |
+
#: admin.php:256
|
56 |
+
msgid "Maintenance Mode"
|
57 |
+
msgstr ""
|
58 |
+
|
59 |
+
#: admin.php:257
|
60 |
+
msgid ""
|
61 |
+
"Disable logins from users who are not administrators and disable posting of "
|
62 |
+
"comments?"
|
63 |
+
msgstr ""
|
64 |
+
|
65 |
+
#: admin.php:259
|
66 |
+
msgid "Off, let all users log in."
|
67 |
+
msgstr ""
|
68 |
+
|
69 |
+
#: admin.php:260
|
70 |
+
msgid "On, disable comments and only let administrators log in."
|
71 |
+
msgstr ""
|
72 |
+
|
73 |
+
#: admin.php:264
|
74 |
+
msgid "Deactivation"
|
75 |
+
msgstr ""
|
76 |
+
|
77 |
+
#: admin.php:265
|
78 |
+
msgid ""
|
79 |
+
"Should deactivating the plugin remove all of the plugin's data and settings?"
|
80 |
+
msgstr ""
|
81 |
+
|
82 |
+
#: admin.php:267
|
83 |
+
msgid "No, preserve the data for future use."
|
84 |
+
msgstr ""
|
85 |
+
|
86 |
+
#: admin.php:268
|
87 |
+
msgid "Yes, delete the damn data."
|
88 |
+
msgstr ""
|
89 |
+
|
90 |
+
#: admin.php:273
|
91 |
+
msgid "Match Time"
|
92 |
+
msgstr ""
|
93 |
+
|
94 |
+
#: admin.php:274
|
95 |
+
msgid "How far back, in minutes, should login failures look for matching data?"
|
96 |
+
msgstr ""
|
97 |
+
|
98 |
+
#: admin.php:279
|
99 |
+
msgid "Delay Tier 2"
|
100 |
+
msgstr ""
|
101 |
+
|
102 |
+
#: admin.php:280
|
103 |
+
msgid ""
|
104 |
+
"How many matching login failures should it take to get into this (%d - %d "
|
105 |
+
"second) Delay Tier? Must be >= %d."
|
106 |
+
msgstr ""
|
107 |
+
|
108 |
+
#: admin.php:286
|
109 |
+
msgid "Delay Tier 3"
|
110 |
+
msgstr ""
|
111 |
+
|
112 |
+
#: admin.php:287
|
113 |
+
msgid ""
|
114 |
+
"How many matching login failures should it take to get into this (%d - %d "
|
115 |
+
"second) Delay Tier? Must be > Delay Tier 2."
|
116 |
+
msgstr ""
|
117 |
+
|
118 |
+
#: admin.php:292
|
119 |
+
msgid "Notifications To"
|
120 |
+
msgstr ""
|
121 |
+
|
122 |
+
#: admin.php:293
|
123 |
+
msgid ""
|
124 |
+
"The email address(es) the failure and breach notifications should be sent "
|
125 |
+
"to. For multiple addresses, separate them with commas. WordPress' "
|
126 |
+
"'admin_email' setting is used if none is provided here."
|
127 |
+
msgstr ""
|
128 |
+
|
129 |
+
#: admin.php:298
|
130 |
+
msgid "Failure Notification"
|
131 |
+
msgstr ""
|
132 |
+
|
133 |
+
#: admin.php:299
|
134 |
+
msgid ""
|
135 |
+
"Notify the administrator upon every x matching login failures. 0 disables "
|
136 |
+
"this feature."
|
137 |
+
msgstr ""
|
138 |
+
|
139 |
+
#: admin.php:304
|
140 |
+
msgid "Breach Notification"
|
141 |
+
msgstr ""
|
142 |
+
|
143 |
+
#: admin.php:305
|
144 |
+
msgid ""
|
145 |
+
"Notify the administrator if a successful login uses data matching x login "
|
146 |
+
"failures. 0 disables this feature."
|
147 |
+
msgstr ""
|
148 |
+
|
149 |
+
#: admin.php:310
|
150 |
+
msgid "Breach Email Confirm"
|
151 |
+
msgstr ""
|
152 |
+
|
153 |
+
#: admin.php:311
|
154 |
+
msgid ""
|
155 |
+
"If a successful login uses data matching x login failures, immediately log "
|
156 |
+
"the user out and require them to use WordPress' lost password process. 0 "
|
157 |
+
"disables this feature."
|
158 |
+
msgstr ""
|
159 |
+
|
160 |
+
#: admin.php:317
|
161 |
+
msgid "Length"
|
162 |
+
msgstr ""
|
163 |
+
|
164 |
+
#: admin.php:318
|
165 |
+
msgid "How long must passwords be? Must be >= %d."
|
166 |
+
msgstr ""
|
167 |
+
|
168 |
+
#: admin.php:324
|
169 |
+
msgid "Complexity Exemption"
|
170 |
+
msgstr ""
|
171 |
+
|
172 |
+
#: admin.php:325
|
173 |
+
msgid ""
|
174 |
+
"How long must passwords be to be exempt from the complexity requirements? "
|
175 |
+
"Must be >= %d."
|
176 |
+
msgstr ""
|
177 |
+
|
178 |
+
#: admin.php:331
|
179 |
+
msgid "Aging"
|
180 |
+
msgstr ""
|
181 |
+
|
182 |
+
#: admin.php:332
|
183 |
+
msgid ""
|
184 |
+
"How many days old can a password be before requiring it be changed? Not "
|
185 |
+
"recommended. 0 disables this feature."
|
186 |
+
msgstr ""
|
187 |
+
|
188 |
+
#: admin.php:337
|
189 |
+
msgid "Grace Period"
|
190 |
+
msgstr ""
|
191 |
+
|
192 |
+
#: admin.php:338
|
193 |
+
msgid ""
|
194 |
+
"How many minutes should a user have to change their password once they know "
|
195 |
+
"it has expired? Must be >= %d."
|
196 |
+
msgstr ""
|
197 |
+
|
198 |
+
#: admin.php:344
|
199 |
+
msgid "History"
|
200 |
+
msgstr ""
|
201 |
+
|
202 |
+
#: admin.php:345
|
203 |
+
msgid ""
|
204 |
+
"How many passwords should be remembered? Prevents reuse of old passwords. 0 "
|
205 |
+
"disables this feature."
|
206 |
+
msgstr ""
|
207 |
+
|
208 |
+
#: admin.php:406
|
209 |
+
msgid "Login Failure Policies"
|
210 |
+
msgstr ""
|
211 |
+
|
212 |
+
# @ login-security-solution
|
213 |
+
#: admin.php:412
|
214 |
+
msgid "Password Policies"
|
215 |
+
msgstr ""
|
216 |
+
|
217 |
+
#: admin.php:418
|
218 |
+
msgid "Miscellaneous Policies"
|
219 |
+
msgstr ""
|
220 |
+
|
221 |
+
#: admin.php:468
|
222 |
+
msgid ""
|
223 |
+
"This plugin stores the IP address, username and password for each failed log "
|
224 |
+
"in attempt."
|
225 |
+
msgstr ""
|
226 |
+
|
227 |
+
#: admin.php:470
|
228 |
+
msgid ""
|
229 |
+
"The data from future login failures are compared against the historical data."
|
230 |
+
msgstr ""
|
231 |
+
|
232 |
+
#: admin.php:472
|
233 |
+
msgid ""
|
234 |
+
"If any of the data points match, the plugin delays printing out the failure "
|
235 |
+
"message."
|
236 |
+
msgstr ""
|
237 |
+
|
238 |
+
#: admin.php:474
|
239 |
+
msgid ""
|
240 |
+
"The goal is for the responses to take so long that the attackers give up and "
|
241 |
+
"go find an easier target."
|
242 |
+
msgstr ""
|
243 |
+
|
244 |
+
#: admin.php:476
|
245 |
+
msgid "The length of the delay is broken up into three tiers."
|
246 |
+
msgstr ""
|
247 |
+
|
248 |
+
#: admin.php:478
|
249 |
+
msgid "The amount of the delay increases in higher tiers."
|
250 |
+
msgstr ""
|
251 |
+
|
252 |
+
#: admin.php:480
|
253 |
+
msgid ""
|
254 |
+
"The delay time within each tier is randomized to complicate profiling by "
|
255 |
+
"attackers."
|
256 |
+
msgstr ""
|
257 |
+
|
258 |
+
#: admin.php:539 admin.php:554
|
259 |
+
msgid "Default:"
|
260 |
+
msgstr ""
|
261 |
+
|
262 |
+
#: admin.php:578
|
263 |
+
msgid "must be >= '%s',"
|
264 |
+
msgstr ""
|
265 |
+
|
266 |
+
#: admin.php:579
|
267 |
+
msgid "so we used the default value instead."
|
268 |
+
msgstr ""
|
269 |
+
|
270 |
+
#: admin.php:612
|
271 |
+
msgid "must be an integer,"
|
272 |
+
msgstr ""
|
273 |
+
|
274 |
+
#: admin.php:715
|
275 |
+
msgid "There may be cases where everyone's password should be reset."
|
276 |
+
msgstr ""
|
277 |
+
|
278 |
+
#: admin.php:717
|
279 |
+
msgid "This page, provided by the %s plugin, offers that functionality."
|
280 |
+
msgstr ""
|
281 |
+
|
282 |
+
#: admin.php:721
|
283 |
+
msgid ""
|
284 |
+
"Submitting this form sets a flag that forces all users to utilize WordPress' "
|
285 |
+
"built in password reset functionality."
|
286 |
+
msgstr ""
|
287 |
+
|
288 |
+
#: admin.php:723
|
289 |
+
msgid ""
|
290 |
+
"Users who are presently logged in will be logged out the next time they view "
|
291 |
+
"a page that requires authentication."
|
292 |
+
msgstr ""
|
293 |
+
|
294 |
+
#: admin.php:735
|
295 |
+
msgid ""
|
296 |
+
"Confirm that you want to force all users to change their passwords by "
|
297 |
+
"checking this box, then click the button, below."
|
298 |
+
msgstr ""
|
299 |
+
|
300 |
+
#: admin.php:754
|
301 |
+
msgid "No thanks. I know what I'm doing. Please don't remind me about this."
|
302 |
+
msgstr ""
|
303 |
+
|
304 |
+
#: admin.php:786
|
305 |
+
msgid ""
|
306 |
+
"You have checked a box that does not correspond with the button you pressed. "
|
307 |
+
"Please check and press buttons inside the same section."
|
308 |
+
msgstr ""
|
309 |
+
|
310 |
+
#: admin.php:788
|
311 |
+
msgid ""
|
312 |
+
"Please confirm that you really want to do this. Put a check in the '%s' box "
|
313 |
+
"before hitting the submit button."
|
314 |
+
msgstr ""
|
315 |
+
|
316 |
+
#: admin.php:804 admin.php:824
|
317 |
+
msgid "Success!"
|
318 |
+
msgstr ""
|
319 |
+
|
320 |
+
#: admin.php:856
|
321 |
+
msgid ""
|
322 |
+
"WARNING: The site is in maintenance mode. DO NOT TOUCH ANYTHING! Your "
|
323 |
+
"changes may get overwritten!"
|
324 |
+
msgstr ""
|
325 |
+
|
326 |
+
#: admin.php:880
|
327 |
+
msgid ""
|
328 |
+
"You have not asked your users to change their passwords since the plugin was "
|
329 |
+
"activated. Most users have weak passwords. This plugin's password policies "
|
330 |
+
"protect your site from brute force attacks. Please improve security for "
|
331 |
+
"everyone on the Internet by making all users pick new, strong, passwords."
|
332 |
+
msgstr ""
|
333 |
+
|
334 |
+
#: admin.php:884
|
335 |
+
msgid ""
|
336 |
+
"Speaking of which, do YOU have a strong password? Make sure by changing "
|
337 |
+
"yours too."
|
338 |
+
msgstr ""
|
339 |
+
|
340 |
+
#: admin.php:888
|
341 |
+
msgid ""
|
342 |
+
"The following link leads to a user interface where you can either require "
|
343 |
+
"all passwords to be reset or disable this notice."
|
344 |
+
msgstr ""
|
345 |
+
|
346 |
+
#: admin.php:918
|
347 |
+
msgid "You do not have sufficient permissions to access this page."
|
348 |
+
msgstr ""
|
349 |
+
|
350 |
+
#: admin.php:924
|
351 |
+
msgid "$user_ID variable not set. Another plugin is misbehaving."
|
352 |
+
msgstr ""
|
353 |
+
|
354 |
+
# @ login-security-solution
|
355 |
+
#: login-security-solution.php:516 tests/LoginErrorsTest.php:97
|
356 |
+
#: tests/LoginErrorsTest.php:111
|
357 |
+
msgid "Invalid username or password."
|
358 |
+
msgstr "Identifiant ou mot de passe incorrect."
|
359 |
+
|
360 |
+
# @ default
|
361 |
+
#: login-security-solution.php:522 tests/LoginErrorsTest.php:125
|
362 |
+
#: tests/LoginErrorsTest.php:139
|
363 |
+
msgid "Password reset is not allowed for this user"
|
364 |
+
msgstr ""
|
365 |
+
|
366 |
+
# @ login-security-solution
|
367 |
+
#: login-security-solution.php:547 tests/LoginMessageTest.php:66
|
368 |
+
msgid "It has been over %d minutes since your last action."
|
369 |
+
msgstr "Vous êtes inactif depuis %d minutes."
|
370 |
+
|
371 |
+
# @ login-security-solution
|
372 |
+
#: login-security-solution.php:548 tests/LoginMessageTest.php:67
|
373 |
+
msgid "Please log back in."
|
374 |
+
msgstr "Veuillez vous reconnecter."
|
375 |
+
|
376 |
+
# @ login-security-solution
|
377 |
+
#: login-security-solution.php:551 tests/LoginMessageTest.php:77
|
378 |
+
msgid "The grace period for changing your password has expired."
|
379 |
+
msgstr "La période allouée pour changer votre mot de passe est écoulée."
|
380 |
+
|
381 |
+
# @ login-security-solution
|
382 |
+
#: login-security-solution.php:552 tests/LoginMessageTest.php:78
|
383 |
+
msgid "Please submit this form to reset your password."
|
384 |
+
msgstr "Veuillez remplir ce formulaire pour ré-initialiser votre mor de passe."
|
385 |
+
|
386 |
+
# @ login-security-solution
|
387 |
+
#: login-security-solution.php:555 tests/LoginMessageTest.php:88
|
388 |
+
msgid "Your password must be reset."
|
389 |
+
msgstr "Votre mot de passe doit être changé."
|
390 |
+
|
391 |
+
# @ login-security-solution
|
392 |
+
#: login-security-solution.php:556 tests/LoginMessageTest.php:89
|
393 |
+
msgid "Please submit this form to reset it."
|
394 |
+
msgstr "Veuillez remplir ce formulaire pour le ré-initialiser"
|
395 |
+
|
396 |
+
# @ login-security-solution
|
397 |
+
#: login-security-solution.php:559 tests/LoginMessageTest.php:104
|
398 |
+
msgid "Your password has expired. Please log and change it."
|
399 |
+
msgstr "Votre mot de passe a expiré. Veuillez vous connecter et le changer."
|
400 |
+
|
401 |
+
# @ login-security-solution
|
402 |
+
#: login-security-solution.php:560 tests/LoginMessageTest.php:105
|
403 |
+
msgid "We provide a %d minute grace period to do so."
|
404 |
+
msgstr "Une période de %d minutes vous est allouée pour cela."
|
405 |
+
|
406 |
+
# @ login-security-solution
|
407 |
+
#: login-security-solution.php:563 tests/LoginMessageTest.php:115
|
408 |
+
msgid "The password you tried to create is not secure. Please try again."
|
409 |
+
msgstr ""
|
410 |
+
"Le mot de passe que vous voulez utiliser n'est pas suffisamment robuste. "
|
411 |
+
"Veuillez ré-essayer."
|
412 |
+
|
413 |
+
# @ login-security-solution
|
414 |
+
#: login-security-solution.php:569 tests/LoginMessageTest.php:129
|
415 |
+
#: tests/LoginMessageTest.php:144
|
416 |
+
msgid "The site is undergoing maintenance."
|
417 |
+
msgstr "Le site est en maintenance."
|
418 |
+
|
419 |
+
# @ login-security-solution
|
420 |
+
#: login-security-solution.php:570 tests/LoginMessageTest.php:130
|
421 |
+
#: tests/LoginMessageTest.php:145
|
422 |
+
msgid "Please try again later."
|
423 |
+
msgstr "Veuillez ré-essayer un peu plus tard."
|
424 |
+
|
425 |
+
# @ login-security-solution
|
426 |
+
#: login-security-solution.php:641
|
427 |
+
msgid ""
|
428 |
+
"The password should either be: A) at least %d characters long and contain "
|
429 |
+
"upper and lower case letters plus numbers and punctuation, or B) at least %d "
|
430 |
+
"characters long."
|
431 |
+
msgstr ""
|
432 |
+
"Le mot de passe doit, soit A) comporter au moins %d caractères et contenir à "
|
433 |
+
"la fois des majuscules, des minuscules, des chiffres et de la ponctuation; "
|
434 |
+
"soit B) comporter %d caractères."
|
435 |
+
|
436 |
+
# @ login-security-solution
|
437 |
+
#: login-security-solution.php:675 tests/PasswordChangeTest.php:277
|
438 |
+
msgid "Passwords can not be reused."
|
439 |
+
msgstr "D'anciens mots de passe ne peuvent être ré-utilisés."
|
440 |
+
|
441 |
+
# @ default
|
442 |
+
#: login-security-solution.php:850
|
443 |
+
msgid "ERROR"
|
444 |
+
msgstr ""
|
445 |
+
|
446 |
+
# @ login-security-solution
|
447 |
+
#: login-security-solution.php:987
|
448 |
+
msgid ""
|
449 |
+
"\n"
|
450 |
+
"Component Count Value from Current Attempt\n"
|
451 |
+
"------------------------ ----- --------------------------------\n"
|
452 |
+
"Network IP %5d %s\n"
|
453 |
+
"Username %5d %s\n"
|
454 |
+
"Password MD5 %5d %s\n"
|
455 |
+
msgstr ""
|
456 |
+
"\n"
|
457 |
+
"Composant Nombre Valeur de la tentative courante\n"
|
458 |
+
"------------------------ ----- --------------------------------\n"
|
459 |
+
"Réseau IP %5d %s\n"
|
460 |
+
"Identifiant %5d %s\n"
|
461 |
+
"MD5 du mot de passe %5d %s\n"
|
462 |
+
|
463 |
+
# @ login-security-solution
|
464 |
+
#: login-security-solution.php:1822 login-security-solution.php:1859
|
465 |
+
msgid "POTENTIAL INTRUSION AT %s"
|
466 |
+
msgstr "INTRUSION POSSIBLE A %s"
|
467 |
+
|
468 |
+
# @ login-security-solution
|
469 |
+
#: login-security-solution.php:1826
|
470 |
+
msgid "Your website, %s, may have been broken in to."
|
471 |
+
msgstr "Votre site, %s, a peut-être été corrompu."
|
472 |
+
|
473 |
+
# @ login-security-solution
|
474 |
+
#: login-security-solution.php:1829
|
475 |
+
msgid ""
|
476 |
+
"Someone just logged in using the following components. Prior to that, some "
|
477 |
+
"combination of those components were a part of %d failed attempts to log in "
|
478 |
+
"during the past %d minutes:"
|
479 |
+
msgstr ""
|
480 |
+
"Quelqu'un vient de se connecter avec les données qui suivent. Avant cela, "
|
481 |
+
"plusieurs de ces éléments ont été utilisés parmi les %d tentatives de "
|
482 |
+
"connexion au cours des %d dernières minutes:"
|
483 |
+
|
484 |
+
# @ login-security-solution
|
485 |
+
#: login-security-solution.php:1835
|
486 |
+
msgid ""
|
487 |
+
"The user's current IP address is one they have verified with your site in "
|
488 |
+
"the past. Therefore, the user will NOT be required to confirm their "
|
489 |
+
"identity via the password reset process. An email will be sent to them, "
|
490 |
+
"just in case this actually was a breach."
|
491 |
+
msgstr ""
|
492 |
+
"L'adresse IP utilisée à déjà été vérifiée auparavant. C'est pourquoi "
|
493 |
+
"l'utilisateur ne devra PAS nécessairement confirmer son identité via le "
|
494 |
+
"processus de changement de mot de passe. Un email lui sera envoyé, au cas où "
|
495 |
+
"ce serait effectivement un intrusion."
|
496 |
+
|
497 |
+
# @ login-security-solution
|
498 |
+
#: login-security-solution.php:1837
|
499 |
+
msgid ""
|
500 |
+
"The user has been logged out and will be required to confirm their identity "
|
501 |
+
"via the password reset functionality."
|
502 |
+
msgstr ""
|
503 |
+
"L'utilisateur à été déconnecté et il devra confirmer son identité via le "
|
504 |
+
"processus de changement de mot de passe."
|
505 |
+
|
506 |
+
# @ login-security-solution
|
507 |
+
#: login-security-solution.php:1863
|
508 |
+
msgid ""
|
509 |
+
"Someone just logged into your '%s' account at %s. Was it you that logged "
|
510 |
+
"in? We are asking because the site is being attacked."
|
511 |
+
msgstr ""
|
512 |
+
"Quelqu'un a %s vient de se connecter en tant que '%s'. Était-ce vous? Nous "
|
513 |
+
"vous posons la question parce que le site semble subir une attaque."
|
514 |
+
|
515 |
+
# @ login-security-solution
|
516 |
+
#: login-security-solution.php:1864
|
517 |
+
msgid "IF IT WAS NOT YOU, please do the following right away:"
|
518 |
+
msgstr "SI CE N'ÉTAIT PAS VOUS, veuillez suivre ces consignes au plus vite:"
|
519 |
+
|
520 |
+
# @ login-security-solution
|
521 |
+
#: login-security-solution.php:1865
|
522 |
+
msgid "1) Log into %s and change your password."
|
523 |
+
msgstr "1) Connectez vous à %s et changez votre mot de passe."
|
524 |
+
|
525 |
+
# @ login-security-solution
|
526 |
+
#: login-security-solution.php:1866
|
527 |
+
msgid "2) Send an email to %s letting them know it was not you who logged in."
|
528 |
+
msgstr ""
|
529 |
+
"2) Envoyez un message à %s pour les prévenir que ce n'était pas vous qui "
|
530 |
+
"vous êtes connecté récemment."
|
531 |
+
|
532 |
+
# @ login-security-solution
|
533 |
+
#: login-security-solution.php:1892
|
534 |
+
msgid "ATTACK HAPPENING TO %s"
|
535 |
+
msgstr "ATTAQUE SUR %s"
|
536 |
+
|
537 |
+
# @ login-security-solution
|
538 |
+
#: login-security-solution.php:1896
|
539 |
+
msgid "Your website, %s, is undergoing a brute force attack."
|
540 |
+
msgstr "Votre site, %s, subi une attaque de type brute force."
|
541 |
+
|
542 |
+
# @ login-security-solution
|
543 |
+
#: login-security-solution.php:1899
|
544 |
+
msgid ""
|
545 |
+
"There have been at least %d failed attempts to log in during the past %d "
|
546 |
+
"minutes that used one or more of the following components:"
|
547 |
+
msgstr ""
|
548 |
+
"Au moins %d tentatives infructueuses de connexion au cours des dernières %d "
|
549 |
+
"minutes ont utilisées les données suivantes:"
|
550 |
+
|
551 |
+
# @ login-security-solution
|
552 |
+
#: login-security-solution.php:1904
|
553 |
+
msgid ""
|
554 |
+
"The %s plugin for WordPress is repelling the attack by making their login "
|
555 |
+
"failures take a very long time."
|
556 |
+
msgstr ""
|
557 |
+
"Le plugin %s pour WordPress pare l'attaque en ralentissant la réponse à "
|
558 |
+
"chaque tentative échouée."
|
559 |
+
|
560 |
+
# @ login-security-solution
|
561 |
+
#: login-security-solution.php:2265 tests/PasswordValidationTest.php:450
|
562 |
+
msgid "Password not set."
|
563 |
+
msgstr "Mot de passe non défini."
|
564 |
+
|
565 |
+
# @ login-security-solution
|
566 |
+
#: login-security-solution.php:2280 tests/PasswordValidationTest.php:461
|
567 |
+
msgid "Passwords must be strings."
|
568 |
+
msgstr "Les mots de passe ne peuvent comporter d'espace."
|
569 |
+
|
570 |
+
# @ login-security-solution
|
571 |
+
#: login-security-solution.php:2298 tests/PasswordValidationTest.php:474
|
572 |
+
msgid "Passwords must use ASCII characters."
|
573 |
+
msgstr "Les mots de passe ne doivent comporter que des caractères ASCII."
|
574 |
+
|
575 |
+
# @ login-security-solution
|
576 |
+
#: login-security-solution.php:2317 tests/PasswordChangeTest.php:310
|
577 |
+
#: tests/PasswordValidationTest.php:491 tests/PasswordValidationTest.php:505
|
578 |
+
msgid "Password is too short."
|
579 |
+
msgstr "Le mot de passe est trop court."
|
580 |
+
|
581 |
+
# @ login-security-solution
|
582 |
+
#: login-security-solution.php:2326 tests/PasswordValidationTest.php:531
|
583 |
+
msgid "Passwords must either contain numbers or be %d characters long."
|
584 |
+
msgstr ""
|
585 |
+
"Le mot de passe doit, soit comporter des chiffres soit comporter %d "
|
586 |
+
"caractères."
|
587 |
+
|
588 |
+
# @ login-security-solution
|
589 |
+
#: login-security-solution.php:2335 tests/PasswordValidationTest.php:518
|
590 |
+
msgid ""
|
591 |
+
"Passwords must either contain punctuation marks / symbols or be %d "
|
592 |
+
"characters long."
|
593 |
+
msgstr ""
|
594 |
+
"Les mots de passe doivent contenir des symboles/ponctuation ou comporter %d "
|
595 |
+
"caractères."
|
596 |
+
|
597 |
+
# @ login-security-solution
|
598 |
+
#: login-security-solution.php:2344 tests/PasswordValidationTest.php:544
|
599 |
+
msgid ""
|
600 |
+
"Passwords must either contain upper-case and lower-case letters or be %d "
|
601 |
+
"characters long."
|
602 |
+
msgstr ""
|
603 |
+
"Les mots de passe doivent contenir des majuscules et des minuscules ou "
|
604 |
+
"contenir %d caractères."
|
605 |
+
|
606 |
+
# @ login-security-solution
|
607 |
+
#: login-security-solution.php:2354 tests/PasswordValidationTest.php:557
|
608 |
+
msgid "Passwords can't be sequential keys."
|
609 |
+
msgstr "Les mots de passe ne peuvent être une séquence."
|
610 |
+
|
611 |
+
# @ login-security-solution
|
612 |
+
#: login-security-solution.php:2363 tests/PasswordValidationTest.php:570
|
613 |
+
msgid "Passwords can't have that many sequential characters."
|
614 |
+
msgstr ""
|
615 |
+
"Les mots de passe ne peuvent contenir autant de caractères séquentiels."
|
616 |
+
|
617 |
+
# @ login-security-solution
|
618 |
+
#: login-security-solution.php:2379 tests/PasswordValidationTest.php:583
|
619 |
+
#: tests/PasswordValidationTest.php:596
|
620 |
+
msgid "Passwords can't contain user data."
|
621 |
+
msgstr "Les mots de passe ne peuvent contenir des informations utilisateur."
|
622 |
+
|
623 |
+
# @ login-security-solution
|
624 |
+
#: login-security-solution.php:2390 tests/PasswordValidationTest.php:609
|
625 |
+
msgid "Passwords can't contain site info."
|
626 |
+
msgstr "Les mots de passe ne peuvent contenir des information du site."
|
627 |
+
|
628 |
+
# @ login-security-solution
|
629 |
+
#: login-security-solution.php:2399 tests/PasswordValidationTest.php:622
|
630 |
+
msgid "Password is too common."
|
631 |
+
msgstr "Le mot de passe est trop banal."
|
632 |
+
|
633 |
+
# @ login-security-solution
|
634 |
+
#: login-security-solution.php:2408 tests/PasswordValidationTest.php:638
|
635 |
+
msgid "Passwords can't be variations of dictionary words."
|
636 |
+
msgstr "Les mots de passe ne peuvent être issus du dictionnaire."
|
637 |
+
|
638 |
+
#. Plugin Name of the plugin/theme
|
639 |
+
msgid "Login Security Solution"
|
640 |
+
msgstr ""
|
641 |
+
|
642 |
+
#. Plugin URI of the plugin/theme
|
643 |
+
msgid "http://wordpress.org/extend/plugins/login-security-solution/"
|
644 |
+
msgstr ""
|
645 |
+
|
646 |
+
#. Description of the plugin/theme
|
647 |
+
msgid ""
|
648 |
+
"Requires very strong passwords, repels brute force login attacks, prevents "
|
649 |
+
"login information disclosures, expires idle sessions, notifies admins of "
|
650 |
+
"attacks and breaches, permits administrators to disable logins for "
|
651 |
+
"maintenance or emergency reasons and reset all passwords."
|
652 |
+
msgstr ""
|
653 |
+
|
654 |
+
#. Author of the plugin/theme
|
655 |
+
msgid "Daniel Convissor"
|
656 |
+
msgstr ""
|
657 |
+
|
658 |
+
#. Author URI of the plugin/theme
|
659 |
+
msgid "http://www.analysisandsolutions.com/"
|
660 |
+
msgstr ""
|
languages/login-security-solution.pot
CHANGED
@@ -2,9 +2,10 @@
|
|
2 |
# This file is distributed under the same license as the Login Security Solution package.
|
3 |
msgid ""
|
4 |
msgstr ""
|
5 |
-
"Project-Id-Version: Login Security Solution 0.
|
6 |
-
"Report-Msgid-Bugs-To: http://wordpress.org/support/plugin/login-security-
|
7 |
-
"
|
|
|
8 |
"MIME-Version: 1.0\n"
|
9 |
"Content-Type: text/plain; charset=UTF-8\n"
|
10 |
"Content-Transfer-Encoding: 8bit\n"
|
@@ -12,308 +13,308 @@ msgstr ""
|
|
12 |
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
|
13 |
"Language-Team: LANGUAGE <LL@li.org>\n"
|
14 |
|
15 |
-
#: admin.php:
|
16 |
msgid "Settings"
|
17 |
msgstr ""
|
18 |
|
19 |
-
#: admin.php:
|
20 |
msgid "Change All Passwords"
|
21 |
msgstr ""
|
22 |
|
23 |
-
#: admin.php:
|
24 |
msgid "Do not remind me about this"
|
25 |
msgstr ""
|
26 |
|
27 |
-
#: admin.php:
|
28 |
msgid "Require All Passwords Be Changed"
|
29 |
msgstr ""
|
30 |
|
31 |
-
#: admin.php:
|
32 |
msgid ""
|
33 |
"%s must be activated via the Network Admin interface when WordPress is in "
|
34 |
"multistie network mode."
|
35 |
msgstr ""
|
36 |
|
37 |
-
#: admin.php:
|
38 |
msgid "Idle Timeout"
|
39 |
msgstr ""
|
40 |
|
41 |
-
#: admin.php:
|
42 |
msgid ""
|
43 |
"Close inactive sessions after this many minutes. 0 disables this feature."
|
44 |
msgstr ""
|
45 |
|
46 |
-
#: admin.php:
|
47 |
msgid "Maintenance Mode"
|
48 |
msgstr ""
|
49 |
|
50 |
-
#: admin.php:
|
51 |
msgid ""
|
52 |
"Disable logins from users who are not administrators and disable posting of "
|
53 |
"comments?"
|
54 |
msgstr ""
|
55 |
|
56 |
-
#: admin.php:
|
57 |
msgid "Off, let all users log in."
|
58 |
msgstr ""
|
59 |
|
60 |
-
#: admin.php:
|
61 |
msgid "On, disable comments and only let administrators log in."
|
62 |
msgstr ""
|
63 |
|
64 |
-
#: admin.php:
|
65 |
msgid "Deactivation"
|
66 |
msgstr ""
|
67 |
|
68 |
-
#: admin.php:
|
69 |
msgid ""
|
70 |
"Should deactivating the plugin remove all of the plugin's data and settings?"
|
71 |
msgstr ""
|
72 |
|
73 |
-
#: admin.php:
|
74 |
msgid "No, preserve the data for future use."
|
75 |
msgstr ""
|
76 |
|
77 |
-
#: admin.php:
|
78 |
msgid "Yes, delete the damn data."
|
79 |
msgstr ""
|
80 |
|
81 |
-
#: admin.php:
|
82 |
msgid "Match Time"
|
83 |
msgstr ""
|
84 |
|
85 |
-
#: admin.php:
|
86 |
msgid "How far back, in minutes, should login failures look for matching data?"
|
87 |
msgstr ""
|
88 |
|
89 |
-
#: admin.php:
|
90 |
msgid "Delay Tier 2"
|
91 |
msgstr ""
|
92 |
|
93 |
-
#: admin.php:
|
94 |
msgid ""
|
95 |
"How many matching login failures should it take to get into this (%d - %d "
|
96 |
"second) Delay Tier? Must be >= %d."
|
97 |
msgstr ""
|
98 |
|
99 |
-
#: admin.php:
|
100 |
msgid "Delay Tier 3"
|
101 |
msgstr ""
|
102 |
|
103 |
-
#: admin.php:
|
104 |
msgid ""
|
105 |
"How many matching login failures should it take to get into this (%d - %d "
|
106 |
"second) Delay Tier? Must be > Delay Tier 2."
|
107 |
msgstr ""
|
108 |
|
109 |
-
#: admin.php:
|
110 |
msgid "Notifications To"
|
111 |
msgstr ""
|
112 |
|
113 |
-
#: admin.php:
|
114 |
msgid ""
|
115 |
"The email address(es) the failure and breach notifications should be sent "
|
116 |
"to. For multiple addresses, separate them with commas. WordPress' "
|
117 |
"'admin_email' setting is used if none is provided here."
|
118 |
msgstr ""
|
119 |
|
120 |
-
#: admin.php:
|
121 |
msgid "Failure Notification"
|
122 |
msgstr ""
|
123 |
|
124 |
-
#: admin.php:
|
125 |
msgid ""
|
126 |
"Notify the administrator upon every x matching login failures. 0 disables "
|
127 |
"this feature."
|
128 |
msgstr ""
|
129 |
|
130 |
-
#: admin.php:
|
131 |
msgid "Breach Notification"
|
132 |
msgstr ""
|
133 |
|
134 |
-
#: admin.php:
|
135 |
msgid ""
|
136 |
"Notify the administrator if a successful login uses data matching x login "
|
137 |
"failures. 0 disables this feature."
|
138 |
msgstr ""
|
139 |
|
140 |
-
#: admin.php:
|
141 |
msgid "Breach Email Confirm"
|
142 |
msgstr ""
|
143 |
|
144 |
-
#: admin.php:
|
145 |
msgid ""
|
146 |
"If a successful login uses data matching x login failures, immediately log "
|
147 |
"the user out and require them to use WordPress' lost password process. 0 "
|
148 |
"disables this feature."
|
149 |
msgstr ""
|
150 |
|
151 |
-
#: admin.php:
|
152 |
msgid "Length"
|
153 |
msgstr ""
|
154 |
|
155 |
-
#: admin.php:
|
156 |
msgid "How long must passwords be? Must be >= %d."
|
157 |
msgstr ""
|
158 |
|
159 |
-
#: admin.php:
|
160 |
msgid "Complexity Exemption"
|
161 |
msgstr ""
|
162 |
|
163 |
-
#: admin.php:
|
164 |
msgid ""
|
165 |
"How long must passwords be to be exempt from the complexity requirements? "
|
166 |
"Must be >= %d."
|
167 |
msgstr ""
|
168 |
|
169 |
-
#: admin.php:
|
170 |
msgid "Aging"
|
171 |
msgstr ""
|
172 |
|
173 |
-
#: admin.php:
|
174 |
msgid ""
|
175 |
"How many days old can a password be before requiring it be changed? Not "
|
176 |
"recommended. 0 disables this feature."
|
177 |
msgstr ""
|
178 |
|
179 |
-
#: admin.php:
|
180 |
msgid "Grace Period"
|
181 |
msgstr ""
|
182 |
|
183 |
-
#: admin.php:
|
184 |
msgid ""
|
185 |
"How many minutes should a user have to change their password once they know "
|
186 |
"it has expired? Must be >= %d."
|
187 |
msgstr ""
|
188 |
|
189 |
-
#: admin.php:
|
190 |
msgid "History"
|
191 |
msgstr ""
|
192 |
|
193 |
-
#: admin.php:
|
194 |
msgid ""
|
195 |
"How many passwords should be remembered? Prevents reuse of old passwords. 0 "
|
196 |
"disables this feature."
|
197 |
msgstr ""
|
198 |
|
199 |
-
#: admin.php:
|
200 |
msgid "Login Failure Policies"
|
201 |
msgstr ""
|
202 |
|
203 |
-
#: admin.php:
|
204 |
msgid "Password Policies"
|
205 |
msgstr ""
|
206 |
|
207 |
-
#: admin.php:
|
208 |
msgid "Miscellaneous Policies"
|
209 |
msgstr ""
|
210 |
|
211 |
-
#: admin.php:
|
212 |
msgid ""
|
213 |
"This plugin stores the IP address, username and password for each failed log "
|
214 |
"in attempt."
|
215 |
msgstr ""
|
216 |
|
217 |
-
#: admin.php:
|
218 |
msgid ""
|
219 |
"The data from future login failures are compared against the historical data."
|
220 |
msgstr ""
|
221 |
|
222 |
-
#: admin.php:
|
223 |
msgid ""
|
224 |
"If any of the data points match, the plugin delays printing out the failure "
|
225 |
"message."
|
226 |
msgstr ""
|
227 |
|
228 |
-
#: admin.php:
|
229 |
msgid ""
|
230 |
"The goal is for the responses to take so long that the attackers give up and "
|
231 |
"go find an easier target."
|
232 |
msgstr ""
|
233 |
|
234 |
-
#: admin.php:
|
235 |
msgid "The length of the delay is broken up into three tiers."
|
236 |
msgstr ""
|
237 |
|
238 |
-
#: admin.php:
|
239 |
msgid "The amount of the delay increases in higher tiers."
|
240 |
msgstr ""
|
241 |
|
242 |
-
#: admin.php:
|
243 |
msgid ""
|
244 |
"The delay time within each tier is randomized to complicate profiling by "
|
245 |
"attackers."
|
246 |
msgstr ""
|
247 |
|
248 |
-
#: admin.php:
|
249 |
msgid "Default:"
|
250 |
msgstr ""
|
251 |
|
252 |
-
#: admin.php:
|
253 |
msgid "must be >= '%s',"
|
254 |
msgstr ""
|
255 |
|
256 |
-
#: admin.php:
|
257 |
msgid "so we used the default value instead."
|
258 |
msgstr ""
|
259 |
|
260 |
-
#: admin.php:
|
261 |
msgid "must be an integer,"
|
262 |
msgstr ""
|
263 |
|
264 |
-
#: admin.php:
|
265 |
msgid "There may be cases where everyone's password should be reset."
|
266 |
msgstr ""
|
267 |
|
268 |
-
#: admin.php:
|
269 |
msgid "This page, provided by the %s plugin, offers that functionality."
|
270 |
msgstr ""
|
271 |
|
272 |
-
#: admin.php:
|
273 |
msgid ""
|
274 |
"Submitting this form sets a flag that forces all users to utilize WordPress' "
|
275 |
"built in password reset functionality."
|
276 |
msgstr ""
|
277 |
|
278 |
-
#: admin.php:
|
279 |
msgid ""
|
280 |
"Users who are presently logged in will be logged out the next time they view "
|
281 |
"a page that requires authentication."
|
282 |
msgstr ""
|
283 |
|
284 |
-
#: admin.php:
|
285 |
msgid ""
|
286 |
"Confirm that you want to force all users to change their passwords by "
|
287 |
"checking this box, then click the button, below."
|
288 |
msgstr ""
|
289 |
|
290 |
-
#: admin.php:
|
291 |
msgid "No thanks. I know what I'm doing. Please don't remind me about this."
|
292 |
msgstr ""
|
293 |
|
294 |
-
#: admin.php:
|
295 |
msgid ""
|
296 |
"You have checked a box that does not correspond with the button you pressed. "
|
297 |
"Please check and press buttons inside the same section."
|
298 |
msgstr ""
|
299 |
|
300 |
-
#: admin.php:
|
301 |
msgid ""
|
302 |
"Please confirm that you really want to do this. Put a check in the '%s' box "
|
303 |
"before hitting the submit button."
|
304 |
msgstr ""
|
305 |
|
306 |
-
#: admin.php:
|
307 |
msgid "Success!"
|
308 |
msgstr ""
|
309 |
|
310 |
-
#: admin.php:
|
311 |
msgid ""
|
312 |
"WARNING: The site is in maintenance mode. DO NOT TOUCH ANYTHING! Your "
|
313 |
"changes may get overwritten!"
|
314 |
msgstr ""
|
315 |
|
316 |
-
#: admin.php:
|
317 |
msgid ""
|
318 |
"You have not asked your users to change their passwords since the plugin was "
|
319 |
"activated. Most users have weak passwords. This plugin's password policies "
|
@@ -321,98 +322,98 @@ msgid ""
|
|
321 |
"everyone on the Internet by making all users pick new, strong, passwords."
|
322 |
msgstr ""
|
323 |
|
324 |
-
#: admin.php:
|
325 |
msgid ""
|
326 |
"Speaking of which, do YOU have a strong password? Make sure by changing "
|
327 |
"yours too."
|
328 |
msgstr ""
|
329 |
|
330 |
-
#: admin.php:
|
331 |
msgid ""
|
332 |
"The following link leads to a user interface where you can either require "
|
333 |
"all passwords to be reset or disable this notice."
|
334 |
msgstr ""
|
335 |
|
336 |
-
#: admin.php:
|
337 |
msgid "You do not have sufficient permissions to access this page."
|
338 |
msgstr ""
|
339 |
|
340 |
-
#: admin.php:
|
341 |
msgid "$user_ID variable not set. Another plugin is misbehaving."
|
342 |
msgstr ""
|
343 |
|
344 |
-
#: login-security-solution.php:
|
345 |
#: tests/LoginErrorsTest.php:111
|
346 |
msgid "Invalid username or password."
|
347 |
msgstr ""
|
348 |
|
349 |
-
#: login-security-solution.php:
|
350 |
#: tests/LoginErrorsTest.php:139
|
351 |
msgid "Password reset is not allowed for this user"
|
352 |
msgstr ""
|
353 |
|
354 |
-
#: login-security-solution.php:
|
355 |
msgid "It has been over %d minutes since your last action."
|
356 |
msgstr ""
|
357 |
|
358 |
-
#: login-security-solution.php:
|
359 |
msgid "Please log back in."
|
360 |
msgstr ""
|
361 |
|
362 |
-
#: login-security-solution.php:
|
363 |
msgid "The grace period for changing your password has expired."
|
364 |
msgstr ""
|
365 |
|
366 |
-
#: login-security-solution.php:
|
367 |
msgid "Please submit this form to reset your password."
|
368 |
msgstr ""
|
369 |
|
370 |
-
#: login-security-solution.php:
|
371 |
msgid "Your password must be reset."
|
372 |
msgstr ""
|
373 |
|
374 |
-
#: login-security-solution.php:
|
375 |
msgid "Please submit this form to reset it."
|
376 |
msgstr ""
|
377 |
|
378 |
-
#: login-security-solution.php:
|
379 |
msgid "Your password has expired. Please log and change it."
|
380 |
msgstr ""
|
381 |
|
382 |
-
#: login-security-solution.php:
|
383 |
msgid "We provide a %d minute grace period to do so."
|
384 |
msgstr ""
|
385 |
|
386 |
-
#: login-security-solution.php:
|
387 |
msgid "The password you tried to create is not secure. Please try again."
|
388 |
msgstr ""
|
389 |
|
390 |
-
#: login-security-solution.php:
|
391 |
#: tests/LoginMessageTest.php:144
|
392 |
msgid "The site is undergoing maintenance."
|
393 |
msgstr ""
|
394 |
|
395 |
-
#: login-security-solution.php:
|
396 |
#: tests/LoginMessageTest.php:145
|
397 |
msgid "Please try again later."
|
398 |
msgstr ""
|
399 |
|
400 |
-
#: login-security-solution.php:
|
401 |
msgid ""
|
402 |
"The password should either be: A) at least %d characters long and contain "
|
403 |
"upper and lower case letters plus numbers and punctuation, or B) at least %d "
|
404 |
"characters long."
|
405 |
msgstr ""
|
406 |
|
407 |
-
#: login-security-solution.php:
|
408 |
msgid "Passwords can not be reused."
|
409 |
msgstr ""
|
410 |
|
411 |
-
#: login-security-solution.php:
|
412 |
msgid "ERROR"
|
413 |
msgstr ""
|
414 |
|
415 |
-
#: login-security-solution.php:
|
416 |
msgid ""
|
417 |
"\n"
|
418 |
"Component Count Value from Current Attempt\n"
|
@@ -422,22 +423,22 @@ msgid ""
|
|
422 |
"Password MD5 %5d %s\n"
|
423 |
msgstr ""
|
424 |
|
425 |
-
#: login-security-solution.php:
|
426 |
msgid "POTENTIAL INTRUSION AT %s"
|
427 |
msgstr ""
|
428 |
|
429 |
-
#: login-security-solution.php:
|
430 |
msgid "Your website, %s, may have been broken in to."
|
431 |
msgstr ""
|
432 |
|
433 |
-
#: login-security-solution.php:
|
434 |
msgid ""
|
435 |
"Someone just logged in using the following components. Prior to that, some "
|
436 |
"combination of those components were a part of %d failed attempts to log in "
|
437 |
"during the past %d minutes:"
|
438 |
msgstr ""
|
439 |
|
440 |
-
#: login-security-solution.php:
|
441 |
msgid ""
|
442 |
"The user's current IP address is one they have verified with your site in "
|
443 |
"the past. Therefore, the user will NOT be required to confirm their "
|
@@ -445,105 +446,105 @@ msgid ""
|
|
445 |
"just in case this actually was a breach."
|
446 |
msgstr ""
|
447 |
|
448 |
-
#: login-security-solution.php:
|
449 |
msgid ""
|
450 |
"The user has been logged out and will be required to confirm their identity "
|
451 |
"via the password reset functionality."
|
452 |
msgstr ""
|
453 |
|
454 |
-
#: login-security-solution.php:
|
455 |
msgid ""
|
456 |
"Someone just logged into your '%s' account at %s. Was it you that logged "
|
457 |
"in? We are asking because the site is being attacked."
|
458 |
msgstr ""
|
459 |
|
460 |
-
#: login-security-solution.php:
|
461 |
msgid "IF IT WAS NOT YOU, please do the following right away:"
|
462 |
msgstr ""
|
463 |
|
464 |
-
#: login-security-solution.php:
|
465 |
msgid "1) Log into %s and change your password."
|
466 |
msgstr ""
|
467 |
|
468 |
-
#: login-security-solution.php:
|
469 |
msgid "2) Send an email to %s letting them know it was not you who logged in."
|
470 |
msgstr ""
|
471 |
|
472 |
-
#: login-security-solution.php:
|
473 |
msgid "ATTACK HAPPENING TO %s"
|
474 |
msgstr ""
|
475 |
|
476 |
-
#: login-security-solution.php:
|
477 |
msgid "Your website, %s, is undergoing a brute force attack."
|
478 |
msgstr ""
|
479 |
|
480 |
-
#: login-security-solution.php:
|
481 |
msgid ""
|
482 |
"There have been at least %d failed attempts to log in during the past %d "
|
483 |
"minutes that used one or more of the following components:"
|
484 |
msgstr ""
|
485 |
|
486 |
-
#: login-security-solution.php:
|
487 |
msgid ""
|
488 |
"The %s plugin for WordPress is repelling the attack by making their login "
|
489 |
"failures take a very long time."
|
490 |
msgstr ""
|
491 |
|
492 |
-
#: login-security-solution.php:
|
493 |
msgid "Password not set."
|
494 |
msgstr ""
|
495 |
|
496 |
-
#: login-security-solution.php:
|
497 |
msgid "Passwords must be strings."
|
498 |
msgstr ""
|
499 |
|
500 |
-
#: login-security-solution.php:
|
501 |
msgid "Passwords must use ASCII characters."
|
502 |
msgstr ""
|
503 |
|
504 |
-
#: login-security-solution.php:
|
505 |
#: tests/PasswordValidationTest.php:491 tests/PasswordValidationTest.php:505
|
506 |
msgid "Password is too short."
|
507 |
msgstr ""
|
508 |
|
509 |
-
#: login-security-solution.php:
|
510 |
msgid "Passwords must either contain numbers or be %d characters long."
|
511 |
msgstr ""
|
512 |
|
513 |
-
#: login-security-solution.php:
|
514 |
msgid ""
|
515 |
"Passwords must either contain punctuation marks / symbols or be %d "
|
516 |
"characters long."
|
517 |
msgstr ""
|
518 |
|
519 |
-
#: login-security-solution.php:
|
520 |
msgid ""
|
521 |
"Passwords must either contain upper-case and lower-case letters or be %d "
|
522 |
"characters long."
|
523 |
msgstr ""
|
524 |
|
525 |
-
#: login-security-solution.php:
|
526 |
msgid "Passwords can't be sequential keys."
|
527 |
msgstr ""
|
528 |
|
529 |
-
#: login-security-solution.php:
|
530 |
msgid "Passwords can't have that many sequential characters."
|
531 |
msgstr ""
|
532 |
|
533 |
-
#: login-security-solution.php:
|
534 |
#: tests/PasswordValidationTest.php:596
|
535 |
msgid "Passwords can't contain user data."
|
536 |
msgstr ""
|
537 |
|
538 |
-
#: login-security-solution.php:
|
539 |
msgid "Passwords can't contain site info."
|
540 |
msgstr ""
|
541 |
|
542 |
-
#: login-security-solution.php:
|
543 |
msgid "Password is too common."
|
544 |
msgstr ""
|
545 |
|
546 |
-
#: login-security-solution.php:
|
547 |
msgid "Passwords can't be variations of dictionary words."
|
548 |
msgstr ""
|
549 |
|
2 |
# This file is distributed under the same license as the Login Security Solution package.
|
3 |
msgid ""
|
4 |
msgstr ""
|
5 |
+
"Project-Id-Version: Login Security Solution 0.22.0\n"
|
6 |
+
"Report-Msgid-Bugs-To: http://wordpress.org/support/plugin/login-security-"
|
7 |
+
"solution\n"
|
8 |
+
"POT-Creation-Date: 2012-08-17 00:42:14+00:00\n"
|
9 |
"MIME-Version: 1.0\n"
|
10 |
"Content-Type: text/plain; charset=UTF-8\n"
|
11 |
"Content-Transfer-Encoding: 8bit\n"
|
13 |
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
|
14 |
"Language-Team: LANGUAGE <LL@li.org>\n"
|
15 |
|
16 |
+
#: admin.php:113 admin.php:363
|
17 |
msgid "Settings"
|
18 |
msgstr ""
|
19 |
|
20 |
+
#: admin.php:127
|
21 |
msgid "Change All Passwords"
|
22 |
msgstr ""
|
23 |
|
24 |
+
#: admin.php:128
|
25 |
msgid "Do not remind me about this"
|
26 |
msgstr ""
|
27 |
|
28 |
+
#: admin.php:129
|
29 |
msgid "Require All Passwords Be Changed"
|
30 |
msgstr ""
|
31 |
|
32 |
+
#: admin.php:144
|
33 |
msgid ""
|
34 |
"%s must be activated via the Network Admin interface when WordPress is in "
|
35 |
"multistie network mode."
|
36 |
msgstr ""
|
37 |
|
38 |
+
#: admin.php:250
|
39 |
msgid "Idle Timeout"
|
40 |
msgstr ""
|
41 |
|
42 |
+
#: admin.php:251
|
43 |
msgid ""
|
44 |
"Close inactive sessions after this many minutes. 0 disables this feature."
|
45 |
msgstr ""
|
46 |
|
47 |
+
#: admin.php:256
|
48 |
msgid "Maintenance Mode"
|
49 |
msgstr ""
|
50 |
|
51 |
+
#: admin.php:257
|
52 |
msgid ""
|
53 |
"Disable logins from users who are not administrators and disable posting of "
|
54 |
"comments?"
|
55 |
msgstr ""
|
56 |
|
57 |
+
#: admin.php:259
|
58 |
msgid "Off, let all users log in."
|
59 |
msgstr ""
|
60 |
|
61 |
+
#: admin.php:260
|
62 |
msgid "On, disable comments and only let administrators log in."
|
63 |
msgstr ""
|
64 |
|
65 |
+
#: admin.php:264
|
66 |
msgid "Deactivation"
|
67 |
msgstr ""
|
68 |
|
69 |
+
#: admin.php:265
|
70 |
msgid ""
|
71 |
"Should deactivating the plugin remove all of the plugin's data and settings?"
|
72 |
msgstr ""
|
73 |
|
74 |
+
#: admin.php:267
|
75 |
msgid "No, preserve the data for future use."
|
76 |
msgstr ""
|
77 |
|
78 |
+
#: admin.php:268
|
79 |
msgid "Yes, delete the damn data."
|
80 |
msgstr ""
|
81 |
|
82 |
+
#: admin.php:273
|
83 |
msgid "Match Time"
|
84 |
msgstr ""
|
85 |
|
86 |
+
#: admin.php:274
|
87 |
msgid "How far back, in minutes, should login failures look for matching data?"
|
88 |
msgstr ""
|
89 |
|
90 |
+
#: admin.php:279
|
91 |
msgid "Delay Tier 2"
|
92 |
msgstr ""
|
93 |
|
94 |
+
#: admin.php:280
|
95 |
msgid ""
|
96 |
"How many matching login failures should it take to get into this (%d - %d "
|
97 |
"second) Delay Tier? Must be >= %d."
|
98 |
msgstr ""
|
99 |
|
100 |
+
#: admin.php:286
|
101 |
msgid "Delay Tier 3"
|
102 |
msgstr ""
|
103 |
|
104 |
+
#: admin.php:287
|
105 |
msgid ""
|
106 |
"How many matching login failures should it take to get into this (%d - %d "
|
107 |
"second) Delay Tier? Must be > Delay Tier 2."
|
108 |
msgstr ""
|
109 |
|
110 |
+
#: admin.php:292
|
111 |
msgid "Notifications To"
|
112 |
msgstr ""
|
113 |
|
114 |
+
#: admin.php:293
|
115 |
msgid ""
|
116 |
"The email address(es) the failure and breach notifications should be sent "
|
117 |
"to. For multiple addresses, separate them with commas. WordPress' "
|
118 |
"'admin_email' setting is used if none is provided here."
|
119 |
msgstr ""
|
120 |
|
121 |
+
#: admin.php:298
|
122 |
msgid "Failure Notification"
|
123 |
msgstr ""
|
124 |
|
125 |
+
#: admin.php:299
|
126 |
msgid ""
|
127 |
"Notify the administrator upon every x matching login failures. 0 disables "
|
128 |
"this feature."
|
129 |
msgstr ""
|
130 |
|
131 |
+
#: admin.php:304
|
132 |
msgid "Breach Notification"
|
133 |
msgstr ""
|
134 |
|
135 |
+
#: admin.php:305
|
136 |
msgid ""
|
137 |
"Notify the administrator if a successful login uses data matching x login "
|
138 |
"failures. 0 disables this feature."
|
139 |
msgstr ""
|
140 |
|
141 |
+
#: admin.php:310
|
142 |
msgid "Breach Email Confirm"
|
143 |
msgstr ""
|
144 |
|
145 |
+
#: admin.php:311
|
146 |
msgid ""
|
147 |
"If a successful login uses data matching x login failures, immediately log "
|
148 |
"the user out and require them to use WordPress' lost password process. 0 "
|
149 |
"disables this feature."
|
150 |
msgstr ""
|
151 |
|
152 |
+
#: admin.php:317
|
153 |
msgid "Length"
|
154 |
msgstr ""
|
155 |
|
156 |
+
#: admin.php:318
|
157 |
msgid "How long must passwords be? Must be >= %d."
|
158 |
msgstr ""
|
159 |
|
160 |
+
#: admin.php:324
|
161 |
msgid "Complexity Exemption"
|
162 |
msgstr ""
|
163 |
|
164 |
+
#: admin.php:325
|
165 |
msgid ""
|
166 |
"How long must passwords be to be exempt from the complexity requirements? "
|
167 |
"Must be >= %d."
|
168 |
msgstr ""
|
169 |
|
170 |
+
#: admin.php:331
|
171 |
msgid "Aging"
|
172 |
msgstr ""
|
173 |
|
174 |
+
#: admin.php:332
|
175 |
msgid ""
|
176 |
"How many days old can a password be before requiring it be changed? Not "
|
177 |
"recommended. 0 disables this feature."
|
178 |
msgstr ""
|
179 |
|
180 |
+
#: admin.php:337
|
181 |
msgid "Grace Period"
|
182 |
msgstr ""
|
183 |
|
184 |
+
#: admin.php:338
|
185 |
msgid ""
|
186 |
"How many minutes should a user have to change their password once they know "
|
187 |
"it has expired? Must be >= %d."
|
188 |
msgstr ""
|
189 |
|
190 |
+
#: admin.php:344
|
191 |
msgid "History"
|
192 |
msgstr ""
|
193 |
|
194 |
+
#: admin.php:345
|
195 |
msgid ""
|
196 |
"How many passwords should be remembered? Prevents reuse of old passwords. 0 "
|
197 |
"disables this feature."
|
198 |
msgstr ""
|
199 |
|
200 |
+
#: admin.php:406
|
201 |
msgid "Login Failure Policies"
|
202 |
msgstr ""
|
203 |
|
204 |
+
#: admin.php:412
|
205 |
msgid "Password Policies"
|
206 |
msgstr ""
|
207 |
|
208 |
+
#: admin.php:418
|
209 |
msgid "Miscellaneous Policies"
|
210 |
msgstr ""
|
211 |
|
212 |
+
#: admin.php:468
|
213 |
msgid ""
|
214 |
"This plugin stores the IP address, username and password for each failed log "
|
215 |
"in attempt."
|
216 |
msgstr ""
|
217 |
|
218 |
+
#: admin.php:470
|
219 |
msgid ""
|
220 |
"The data from future login failures are compared against the historical data."
|
221 |
msgstr ""
|
222 |
|
223 |
+
#: admin.php:472
|
224 |
msgid ""
|
225 |
"If any of the data points match, the plugin delays printing out the failure "
|
226 |
"message."
|
227 |
msgstr ""
|
228 |
|
229 |
+
#: admin.php:474
|
230 |
msgid ""
|
231 |
"The goal is for the responses to take so long that the attackers give up and "
|
232 |
"go find an easier target."
|
233 |
msgstr ""
|
234 |
|
235 |
+
#: admin.php:476
|
236 |
msgid "The length of the delay is broken up into three tiers."
|
237 |
msgstr ""
|
238 |
|
239 |
+
#: admin.php:478
|
240 |
msgid "The amount of the delay increases in higher tiers."
|
241 |
msgstr ""
|
242 |
|
243 |
+
#: admin.php:480
|
244 |
msgid ""
|
245 |
"The delay time within each tier is randomized to complicate profiling by "
|
246 |
"attackers."
|
247 |
msgstr ""
|
248 |
|
249 |
+
#: admin.php:539 admin.php:554
|
250 |
msgid "Default:"
|
251 |
msgstr ""
|
252 |
|
253 |
+
#: admin.php:578
|
254 |
msgid "must be >= '%s',"
|
255 |
msgstr ""
|
256 |
|
257 |
+
#: admin.php:579
|
258 |
msgid "so we used the default value instead."
|
259 |
msgstr ""
|
260 |
|
261 |
+
#: admin.php:612
|
262 |
msgid "must be an integer,"
|
263 |
msgstr ""
|
264 |
|
265 |
+
#: admin.php:715
|
266 |
msgid "There may be cases where everyone's password should be reset."
|
267 |
msgstr ""
|
268 |
|
269 |
+
#: admin.php:717
|
270 |
msgid "This page, provided by the %s plugin, offers that functionality."
|
271 |
msgstr ""
|
272 |
|
273 |
+
#: admin.php:721
|
274 |
msgid ""
|
275 |
"Submitting this form sets a flag that forces all users to utilize WordPress' "
|
276 |
"built in password reset functionality."
|
277 |
msgstr ""
|
278 |
|
279 |
+
#: admin.php:723
|
280 |
msgid ""
|
281 |
"Users who are presently logged in will be logged out the next time they view "
|
282 |
"a page that requires authentication."
|
283 |
msgstr ""
|
284 |
|
285 |
+
#: admin.php:735
|
286 |
msgid ""
|
287 |
"Confirm that you want to force all users to change their passwords by "
|
288 |
"checking this box, then click the button, below."
|
289 |
msgstr ""
|
290 |
|
291 |
+
#: admin.php:754
|
292 |
msgid "No thanks. I know what I'm doing. Please don't remind me about this."
|
293 |
msgstr ""
|
294 |
|
295 |
+
#: admin.php:786
|
296 |
msgid ""
|
297 |
"You have checked a box that does not correspond with the button you pressed. "
|
298 |
"Please check and press buttons inside the same section."
|
299 |
msgstr ""
|
300 |
|
301 |
+
#: admin.php:788
|
302 |
msgid ""
|
303 |
"Please confirm that you really want to do this. Put a check in the '%s' box "
|
304 |
"before hitting the submit button."
|
305 |
msgstr ""
|
306 |
|
307 |
+
#: admin.php:804 admin.php:824
|
308 |
msgid "Success!"
|
309 |
msgstr ""
|
310 |
|
311 |
+
#: admin.php:856
|
312 |
msgid ""
|
313 |
"WARNING: The site is in maintenance mode. DO NOT TOUCH ANYTHING! Your "
|
314 |
"changes may get overwritten!"
|
315 |
msgstr ""
|
316 |
|
317 |
+
#: admin.php:880
|
318 |
msgid ""
|
319 |
"You have not asked your users to change their passwords since the plugin was "
|
320 |
"activated. Most users have weak passwords. This plugin's password policies "
|
322 |
"everyone on the Internet by making all users pick new, strong, passwords."
|
323 |
msgstr ""
|
324 |
|
325 |
+
#: admin.php:884
|
326 |
msgid ""
|
327 |
"Speaking of which, do YOU have a strong password? Make sure by changing "
|
328 |
"yours too."
|
329 |
msgstr ""
|
330 |
|
331 |
+
#: admin.php:888
|
332 |
msgid ""
|
333 |
"The following link leads to a user interface where you can either require "
|
334 |
"all passwords to be reset or disable this notice."
|
335 |
msgstr ""
|
336 |
|
337 |
+
#: admin.php:918
|
338 |
msgid "You do not have sufficient permissions to access this page."
|
339 |
msgstr ""
|
340 |
|
341 |
+
#: admin.php:924
|
342 |
msgid "$user_ID variable not set. Another plugin is misbehaving."
|
343 |
msgstr ""
|
344 |
|
345 |
+
#: login-security-solution.php:516 tests/LoginErrorsTest.php:97
|
346 |
#: tests/LoginErrorsTest.php:111
|
347 |
msgid "Invalid username or password."
|
348 |
msgstr ""
|
349 |
|
350 |
+
#: login-security-solution.php:522 tests/LoginErrorsTest.php:125
|
351 |
#: tests/LoginErrorsTest.php:139
|
352 |
msgid "Password reset is not allowed for this user"
|
353 |
msgstr ""
|
354 |
|
355 |
+
#: login-security-solution.php:547 tests/LoginMessageTest.php:66
|
356 |
msgid "It has been over %d minutes since your last action."
|
357 |
msgstr ""
|
358 |
|
359 |
+
#: login-security-solution.php:548 tests/LoginMessageTest.php:67
|
360 |
msgid "Please log back in."
|
361 |
msgstr ""
|
362 |
|
363 |
+
#: login-security-solution.php:551 tests/LoginMessageTest.php:77
|
364 |
msgid "The grace period for changing your password has expired."
|
365 |
msgstr ""
|
366 |
|
367 |
+
#: login-security-solution.php:552 tests/LoginMessageTest.php:78
|
368 |
msgid "Please submit this form to reset your password."
|
369 |
msgstr ""
|
370 |
|
371 |
+
#: login-security-solution.php:555 tests/LoginMessageTest.php:88
|
372 |
msgid "Your password must be reset."
|
373 |
msgstr ""
|
374 |
|
375 |
+
#: login-security-solution.php:556 tests/LoginMessageTest.php:89
|
376 |
msgid "Please submit this form to reset it."
|
377 |
msgstr ""
|
378 |
|
379 |
+
#: login-security-solution.php:559 tests/LoginMessageTest.php:104
|
380 |
msgid "Your password has expired. Please log and change it."
|
381 |
msgstr ""
|
382 |
|
383 |
+
#: login-security-solution.php:560 tests/LoginMessageTest.php:105
|
384 |
msgid "We provide a %d minute grace period to do so."
|
385 |
msgstr ""
|
386 |
|
387 |
+
#: login-security-solution.php:563 tests/LoginMessageTest.php:115
|
388 |
msgid "The password you tried to create is not secure. Please try again."
|
389 |
msgstr ""
|
390 |
|
391 |
+
#: login-security-solution.php:569 tests/LoginMessageTest.php:129
|
392 |
#: tests/LoginMessageTest.php:144
|
393 |
msgid "The site is undergoing maintenance."
|
394 |
msgstr ""
|
395 |
|
396 |
+
#: login-security-solution.php:570 tests/LoginMessageTest.php:130
|
397 |
#: tests/LoginMessageTest.php:145
|
398 |
msgid "Please try again later."
|
399 |
msgstr ""
|
400 |
|
401 |
+
#: login-security-solution.php:641
|
402 |
msgid ""
|
403 |
"The password should either be: A) at least %d characters long and contain "
|
404 |
"upper and lower case letters plus numbers and punctuation, or B) at least %d "
|
405 |
"characters long."
|
406 |
msgstr ""
|
407 |
|
408 |
+
#: login-security-solution.php:675 tests/PasswordChangeTest.php:277
|
409 |
msgid "Passwords can not be reused."
|
410 |
msgstr ""
|
411 |
|
412 |
+
#: login-security-solution.php:850
|
413 |
msgid "ERROR"
|
414 |
msgstr ""
|
415 |
|
416 |
+
#: login-security-solution.php:987
|
417 |
msgid ""
|
418 |
"\n"
|
419 |
"Component Count Value from Current Attempt\n"
|
423 |
"Password MD5 %5d %s\n"
|
424 |
msgstr ""
|
425 |
|
426 |
+
#: login-security-solution.php:1822 login-security-solution.php:1859
|
427 |
msgid "POTENTIAL INTRUSION AT %s"
|
428 |
msgstr ""
|
429 |
|
430 |
+
#: login-security-solution.php:1826
|
431 |
msgid "Your website, %s, may have been broken in to."
|
432 |
msgstr ""
|
433 |
|
434 |
+
#: login-security-solution.php:1829
|
435 |
msgid ""
|
436 |
"Someone just logged in using the following components. Prior to that, some "
|
437 |
"combination of those components were a part of %d failed attempts to log in "
|
438 |
"during the past %d minutes:"
|
439 |
msgstr ""
|
440 |
|
441 |
+
#: login-security-solution.php:1835
|
442 |
msgid ""
|
443 |
"The user's current IP address is one they have verified with your site in "
|
444 |
"the past. Therefore, the user will NOT be required to confirm their "
|
446 |
"just in case this actually was a breach."
|
447 |
msgstr ""
|
448 |
|
449 |
+
#: login-security-solution.php:1837
|
450 |
msgid ""
|
451 |
"The user has been logged out and will be required to confirm their identity "
|
452 |
"via the password reset functionality."
|
453 |
msgstr ""
|
454 |
|
455 |
+
#: login-security-solution.php:1863
|
456 |
msgid ""
|
457 |
"Someone just logged into your '%s' account at %s. Was it you that logged "
|
458 |
"in? We are asking because the site is being attacked."
|
459 |
msgstr ""
|
460 |
|
461 |
+
#: login-security-solution.php:1864
|
462 |
msgid "IF IT WAS NOT YOU, please do the following right away:"
|
463 |
msgstr ""
|
464 |
|
465 |
+
#: login-security-solution.php:1865
|
466 |
msgid "1) Log into %s and change your password."
|
467 |
msgstr ""
|
468 |
|
469 |
+
#: login-security-solution.php:1866
|
470 |
msgid "2) Send an email to %s letting them know it was not you who logged in."
|
471 |
msgstr ""
|
472 |
|
473 |
+
#: login-security-solution.php:1892
|
474 |
msgid "ATTACK HAPPENING TO %s"
|
475 |
msgstr ""
|
476 |
|
477 |
+
#: login-security-solution.php:1896
|
478 |
msgid "Your website, %s, is undergoing a brute force attack."
|
479 |
msgstr ""
|
480 |
|
481 |
+
#: login-security-solution.php:1899
|
482 |
msgid ""
|
483 |
"There have been at least %d failed attempts to log in during the past %d "
|
484 |
"minutes that used one or more of the following components:"
|
485 |
msgstr ""
|
486 |
|
487 |
+
#: login-security-solution.php:1904
|
488 |
msgid ""
|
489 |
"The %s plugin for WordPress is repelling the attack by making their login "
|
490 |
"failures take a very long time."
|
491 |
msgstr ""
|
492 |
|
493 |
+
#: login-security-solution.php:2265 tests/PasswordValidationTest.php:450
|
494 |
msgid "Password not set."
|
495 |
msgstr ""
|
496 |
|
497 |
+
#: login-security-solution.php:2280 tests/PasswordValidationTest.php:461
|
498 |
msgid "Passwords must be strings."
|
499 |
msgstr ""
|
500 |
|
501 |
+
#: login-security-solution.php:2298 tests/PasswordValidationTest.php:474
|
502 |
msgid "Passwords must use ASCII characters."
|
503 |
msgstr ""
|
504 |
|
505 |
+
#: login-security-solution.php:2317 tests/PasswordChangeTest.php:310
|
506 |
#: tests/PasswordValidationTest.php:491 tests/PasswordValidationTest.php:505
|
507 |
msgid "Password is too short."
|
508 |
msgstr ""
|
509 |
|
510 |
+
#: login-security-solution.php:2326 tests/PasswordValidationTest.php:531
|
511 |
msgid "Passwords must either contain numbers or be %d characters long."
|
512 |
msgstr ""
|
513 |
|
514 |
+
#: login-security-solution.php:2335 tests/PasswordValidationTest.php:518
|
515 |
msgid ""
|
516 |
"Passwords must either contain punctuation marks / symbols or be %d "
|
517 |
"characters long."
|
518 |
msgstr ""
|
519 |
|
520 |
+
#: login-security-solution.php:2344 tests/PasswordValidationTest.php:544
|
521 |
msgid ""
|
522 |
"Passwords must either contain upper-case and lower-case letters or be %d "
|
523 |
"characters long."
|
524 |
msgstr ""
|
525 |
|
526 |
+
#: login-security-solution.php:2354 tests/PasswordValidationTest.php:557
|
527 |
msgid "Passwords can't be sequential keys."
|
528 |
msgstr ""
|
529 |
|
530 |
+
#: login-security-solution.php:2363 tests/PasswordValidationTest.php:570
|
531 |
msgid "Passwords can't have that many sequential characters."
|
532 |
msgstr ""
|
533 |
|
534 |
+
#: login-security-solution.php:2379 tests/PasswordValidationTest.php:583
|
535 |
#: tests/PasswordValidationTest.php:596
|
536 |
msgid "Passwords can't contain user data."
|
537 |
msgstr ""
|
538 |
|
539 |
+
#: login-security-solution.php:2390 tests/PasswordValidationTest.php:609
|
540 |
msgid "Passwords can't contain site info."
|
541 |
msgstr ""
|
542 |
|
543 |
+
#: login-security-solution.php:2399 tests/PasswordValidationTest.php:622
|
544 |
msgid "Password is too common."
|
545 |
msgstr ""
|
546 |
|
547 |
+
#: login-security-solution.php:2408 tests/PasswordValidationTest.php:638
|
548 |
msgid "Passwords can't be variations of dictionary words."
|
549 |
msgstr ""
|
550 |
|
languages/updatepos.sh
ADDED
@@ -0,0 +1,8 @@
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
1 |
+
#! /bin/bash -e
|
2 |
+
|
3 |
+
cd "`dirname "$0"`"
|
4 |
+
|
5 |
+
while read file ; do
|
6 |
+
echo "Merging $file..."
|
7 |
+
msgmerge -vUN --backup=off $file login-security-solution.pot
|
8 |
+
done < <(ls *po)
|
login-security-solution.php
CHANGED
@@ -6,7 +6,7 @@
|
|
6 |
* Description: Requires very strong passwords, repels brute force login attacks, prevents login information disclosures, expires idle sessions, notifies admins of attacks and breaches, permits administrators to disable logins for maintenance or emergency reasons and reset all passwords.
|
7 |
*
|
8 |
* Plugin URI: http://wordpress.org/extend/plugins/login-security-solution/
|
9 |
-
* Version: 0.
|
10 |
* Author: Daniel Convissor
|
11 |
* Author URI: http://www.analysisandsolutions.com/
|
12 |
* License: GPLv2
|
@@ -113,7 +113,7 @@ class login_security_solution {
|
|
113 |
'login_fail_minutes' => 120,
|
114 |
'login_fail_tier_2' => 5,
|
115 |
'login_fail_tier_3' => 10,
|
116 |
-
'login_fail_notify' =>
|
117 |
'login_fail_breach_notify' => 6,
|
118 |
'login_fail_breach_pw_force_change' => 6,
|
119 |
'pw_change_days' => 0,
|
@@ -317,8 +317,24 @@ class login_security_solution {
|
|
317 |
* and slow down the response as necessary
|
318 |
*/
|
319 |
public function auth_cookie_bad($cookie_elements) {
|
320 |
-
$
|
321 |
-
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
322 |
}
|
323 |
|
324 |
/**
|
@@ -494,7 +510,7 @@ class login_security_solution {
|
|
494 |
$user_pass = empty($_POST['pwd']) ? '' : $_POST['pwd'];
|
495 |
// Unset user name to avoid information disclosure.
|
496 |
unset($_POST['log']);
|
497 |
-
###$this->log("login_fail():
|
498 |
$this->process_login_fail($user_name, $user_pass);
|
499 |
$this->load_plugin_textdomain();
|
500 |
return $this->hsc_utf8(__('Invalid username or password.', self::ID));
|
@@ -1194,6 +1210,36 @@ Password MD5 %5d %s
|
|
1194 |
return false;
|
1195 |
}
|
1196 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
1197 |
/**
|
1198 |
* Does this password show up in the "dict" program?
|
1199 |
*
|
@@ -1867,6 +1913,7 @@ Password MD5 %5d %s
|
|
1867 |
*
|
1868 |
* @param string $user_name the user name from the current login form
|
1869 |
* @param string $user_pass the unhashed new password
|
|
|
1870 |
* @return int the number of seconds sleep()'ed (for use by unit tests)
|
1871 |
*
|
1872 |
* @uses login_security_solution::get_ip() to get the IP address
|
@@ -1877,13 +1924,20 @@ Password MD5 %5d %s
|
|
1877 |
* they're over the limit
|
1878 |
* @uses login_security_solution::notify_fail() to warn of an attack
|
1879 |
*/
|
1880 |
-
protected function process_login_fail($user_name, $user_pass
|
|
|
|
|
1881 |
global $wpdb;
|
1882 |
|
1883 |
$ip = $this->get_ip();
|
1884 |
$network_ip = $this->get_network_ip($ip);
|
1885 |
$pass_md5 = $this->md5($user_pass);
|
1886 |
|
|
|
|
|
|
|
|
|
|
|
1887 |
$this->insert_fail($ip, $user_name, $pass_md5);
|
1888 |
|
1889 |
$fails = $this->get_login_fail($network_ip, $user_name, $pass_md5);
|
@@ -1910,7 +1964,9 @@ Password MD5 %5d %s
|
|
1910 |
}
|
1911 |
|
1912 |
// Keep login failures from becoming denial of service attacks.
|
1913 |
-
|
|
|
|
|
1914 |
|
1915 |
// Increasingly slow down attackers to the point they'll give up.
|
1916 |
sleep($sleep);
|
6 |
* Description: Requires very strong passwords, repels brute force login attacks, prevents login information disclosures, expires idle sessions, notifies admins of attacks and breaches, permits administrators to disable logins for maintenance or emergency reasons and reset all passwords.
|
7 |
*
|
8 |
* Plugin URI: http://wordpress.org/extend/plugins/login-security-solution/
|
9 |
+
* Version: 0.22.0
|
10 |
* Author: Daniel Convissor
|
11 |
* Author URI: http://www.analysisandsolutions.com/
|
12 |
* License: GPLv2
|
113 |
'login_fail_minutes' => 120,
|
114 |
'login_fail_tier_2' => 5,
|
115 |
'login_fail_tier_3' => 10,
|
116 |
+
'login_fail_notify' => 50,
|
117 |
'login_fail_breach_notify' => 6,
|
118 |
'login_fail_breach_pw_force_change' => 6,
|
119 |
'pw_change_days' => 0,
|
317 |
* and slow down the response as necessary
|
318 |
*/
|
319 |
public function auth_cookie_bad($cookie_elements) {
|
320 |
+
if (empty($cookie_elements['username'])) {
|
321 |
+
$username = '';
|
322 |
+
} else {
|
323 |
+
$username = $cookie_elements['username'];
|
324 |
+
}
|
325 |
+
if (empty($cookie_elements['hmac'])) {
|
326 |
+
$hmac = '';
|
327 |
+
} else {
|
328 |
+
$hmac = $cookie_elements['hmac'];
|
329 |
+
}
|
330 |
+
###$this->log("auth_cookie_bad: $username, $hmac");
|
331 |
+
|
332 |
+
// Remove cookies to prevent further mayhem.
|
333 |
+
wp_clear_auth_cookie();
|
334 |
+
|
335 |
+
// The auth cookie process happens so early that we can't close the
|
336 |
+
// database connection yet.
|
337 |
+
$this->process_login_fail($username, $hmac, false);
|
338 |
}
|
339 |
|
340 |
/**
|
510 |
$user_pass = empty($_POST['pwd']) ? '' : $_POST['pwd'];
|
511 |
// Unset user name to avoid information disclosure.
|
512 |
unset($_POST['log']);
|
513 |
+
###$this->log("login_fail(): $user_name, $user_pass.");
|
514 |
$this->process_login_fail($user_name, $user_pass);
|
515 |
$this->load_plugin_textdomain();
|
516 |
return $this->hsc_utf8(__('Invalid username or password.', self::ID));
|
1210 |
return false;
|
1211 |
}
|
1212 |
|
1213 |
+
/**
|
1214 |
+
* Does the current login failure exactly match an earlier failure
|
1215 |
+
* in the period specified by login_fail_minutes?
|
1216 |
+
*
|
1217 |
+
* @param string $ip a prior result from get_ip()
|
1218 |
+
* @param string $user_name the user name from the current login form
|
1219 |
+
* @param string $pass_md5 the md5 hashed new password
|
1220 |
+
* @return bool
|
1221 |
+
*
|
1222 |
+
* @uses login_security_solution::$options for the login_fail_minutes
|
1223 |
+
* setting
|
1224 |
+
*/
|
1225 |
+
protected function is_login_fail_exact_match($ip, $user_name, $pass_md5) {
|
1226 |
+
global $wpdb;
|
1227 |
+
|
1228 |
+
$wpdb->escape_by_ref($ip);
|
1229 |
+
$wpdb->escape_by_ref($user_name);
|
1230 |
+
$wpdb->escape_by_ref($pass_md5);
|
1231 |
+
|
1232 |
+
$sql = "SELECT COUNT(*) AS total
|
1233 |
+
FROM `$this->table_fail`
|
1234 |
+
WHERE (ip = '$ip'
|
1235 |
+
AND user_login = '$user_name'
|
1236 |
+
AND pass_md5 = '$pass_md5')
|
1237 |
+
AND date_failed > DATE_SUB(NOW(), INTERVAL "
|
1238 |
+
. (int) $this->options['login_fail_minutes'] . " MINUTE)";
|
1239 |
+
|
1240 |
+
return (bool) $wpdb->get_var($sql);
|
1241 |
+
}
|
1242 |
+
|
1243 |
/**
|
1244 |
* Does this password show up in the "dict" program?
|
1245 |
*
|
1913 |
*
|
1914 |
* @param string $user_name the user name from the current login form
|
1915 |
* @param string $user_pass the unhashed new password
|
1916 |
+
* @param bool $close_db should mysql_close() be called?
|
1917 |
* @return int the number of seconds sleep()'ed (for use by unit tests)
|
1918 |
*
|
1919 |
* @uses login_security_solution::get_ip() to get the IP address
|
1924 |
* they're over the limit
|
1925 |
* @uses login_security_solution::notify_fail() to warn of an attack
|
1926 |
*/
|
1927 |
+
protected function process_login_fail($user_name, $user_pass,
|
1928 |
+
$close_db = true)
|
1929 |
+
{
|
1930 |
global $wpdb;
|
1931 |
|
1932 |
$ip = $this->get_ip();
|
1933 |
$network_ip = $this->get_network_ip($ip);
|
1934 |
$pass_md5 = $this->md5($user_pass);
|
1935 |
|
1936 |
+
if ($this->is_login_fail_exact_match($ip, $user_name, $pass_md5)) {
|
1937 |
+
// Don't track duplicates, user is trying bad pw over and over.
|
1938 |
+
return -1;
|
1939 |
+
}
|
1940 |
+
|
1941 |
$this->insert_fail($ip, $user_name, $pass_md5);
|
1942 |
|
1943 |
$fails = $this->get_login_fail($network_ip, $user_name, $pass_md5);
|
1964 |
}
|
1965 |
|
1966 |
// Keep login failures from becoming denial of service attacks.
|
1967 |
+
if ($close_db) {
|
1968 |
+
mysql_close($wpdb->dbh);
|
1969 |
+
}
|
1970 |
|
1971 |
// Increasingly slow down attackers to the point they'll give up.
|
1972 |
sleep($sleep);
|
readme.txt
CHANGED
@@ -1,12 +1,12 @@
|
|
1 |
=== Login Security Solution ===
|
2 |
Contributors: convissor
|
3 |
Donate link: https://www.paypal.com/cgi-bin/webscr?cmd=_donations&business=danielc%40analysisandsolutions%2ecom&lc=US&item_name=Donate%3a%20Login%20Security%20Solution¤cy_code=USD&bn=PP%2dDonationsBF%3abtn_donateCC_LG%2egif%3aNonHosted
|
4 |
-
Tags: login, password, passwords, strength, strong, strong passwords, password strength, idle, timeout, maintenance, security, attack, hack, lock, ban, brute force, brute, force, authentication, auth, cookie, users
|
5 |
Requires at least: 3.3
|
6 |
Tested up to: 3.4.1
|
7 |
-
Stable tag: 0.
|
8 |
|
9 |
-
Security against brute force attacks by tracking IP, name, password; requiring very strong passwords. Idle timeout. Maintenance mode.
|
10 |
|
11 |
|
12 |
== Description ==
|
@@ -89,6 +89,11 @@ The tests have caught every password dictionary entry I've tried.
|
|
89 |
* Internationalized unit tests
|
90 |
|
91 |
|
|
|
|
|
|
|
|
|
|
|
92 |
= Securing Your WordPress Site is Important =
|
93 |
|
94 |
You're probably thinking "There's nothing valuable on my website. No one
|
@@ -121,6 +126,16 @@ conflicts during program execution. Please read the FAQ!
|
|
121 |
|
122 |
1. Before installing this plugin, read the FAQ!
|
123 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
124 |
1. Download the Login Security Solution zip file from WordPress' plugin
|
125 |
site: `http://wordpress.org/extend/plugins/login-security-solution/`
|
126 |
|
@@ -235,6 +250,17 @@ news is we provide more robust protection in those areas and the Better WP
|
|
235 |
Security "Settings" page lets you disable those features in their plugin.
|
236 |
This way you get to enjoy even better security than either plugin alone.
|
237 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
238 |
= Where should I report bugs and feature requests? =
|
239 |
|
240 |
Report bugs and submit feature requests by opening a ticket in WordPress'
|
@@ -285,6 +311,12 @@ implementation, use the script I made for generating all of the .mo files:
|
|
285 |
|
286 |
== Changelog ==
|
287 |
|
|
|
|
|
|
|
|
|
|
|
|
|
288 |
= 0.21.0 =
|
289 |
* Fix is_pw_outside_ascii() to permit spaces.
|
290 |
* In multisite mode, send notifications to network admin, not blog admin.
|
1 |
=== Login Security Solution ===
|
2 |
Contributors: convissor
|
3 |
Donate link: https://www.paypal.com/cgi-bin/webscr?cmd=_donations&business=danielc%40analysisandsolutions%2ecom&lc=US&item_name=Donate%3a%20Login%20Security%20Solution¤cy_code=USD&bn=PP%2dDonationsBF%3abtn_donateCC_LG%2egif%3aNonHosted
|
4 |
+
Tags: login, password, passwords, strength, strong, strong passwords, password strength, idle, timeout, maintenance, security, attack, hack, lock, lockdown, ban, brute force, brute, force, authentication, auth, cookie, users
|
5 |
Requires at least: 3.3
|
6 |
Tested up to: 3.4.1
|
7 |
+
Stable tag: 0.22.0
|
8 |
|
9 |
+
Security against brute force attacks by tracking IP, name, password; requiring very strong passwords. Idle timeout. Maintenance mode lockdown.
|
10 |
|
11 |
|
12 |
== Description ==
|
89 |
* Internationalized unit tests
|
90 |
|
91 |
|
92 |
+
= Translations =
|
93 |
+
|
94 |
+
* Français, français (French, France) (fr_FR) by mermouy
|
95 |
+
|
96 |
+
|
97 |
= Securing Your WordPress Site is Important =
|
98 |
|
99 |
You're probably thinking "There's nothing valuable on my website. No one
|
126 |
|
127 |
1. Before installing this plugin, read the FAQ!
|
128 |
|
129 |
+
1. If your WP install is behind a proxy or load balancer, please be aware
|
130 |
+
that this plugin uses the `REMOTE_ADDR` provided by the web server
|
131 |
+
(as does WordPress' new comment functionality and the Akismet plugin).
|
132 |
+
If you want our brute force tracking to work, we advise adjusting your
|
133 |
+
`wp-config.php` file to manually set the `REMOTE_ADDR` to a data
|
134 |
+
source appropriate for your environment. For example:
|
135 |
+
|
136 |
+
$_SERVER['REMOTE_ADDR'] = preg_replace('/^([^,]+).*$/', '\1',
|
137 |
+
$_SERVER['HTTP_X_FORWARDED_FOR']);
|
138 |
+
|
139 |
1. Download the Login Security Solution zip file from WordPress' plugin
|
140 |
site: `http://wordpress.org/extend/plugins/login-security-solution/`
|
141 |
|
250 |
Security "Settings" page lets you disable those features in their plugin.
|
251 |
This way you get to enjoy even better security than either plugin alone.
|
252 |
|
253 |
+
= Why should I pick a user name other than "admin"? =
|
254 |
+
|
255 |
+
The WordPress installation process (currently) defaults to having the
|
256 |
+
main administrator's user's name be "admin." Many people don't change it.
|
257 |
+
Attackers know this, so now all they need to do to get into such sites is
|
258 |
+
guess the password.
|
259 |
+
|
260 |
+
In addition, if you try to log in while your site is being attacked, this
|
261 |
+
plugin will send you through the password reset process in order to verify
|
262 |
+
your identity. While not the end of the world, it's inconvenient.
|
263 |
+
|
264 |
= Where should I report bugs and feature requests? =
|
265 |
|
266 |
Report bugs and submit feature requests by opening a ticket in WordPress'
|
311 |
|
312 |
== Changelog ==
|
313 |
|
314 |
+
= 0.22.0 =
|
315 |
+
* Track a given IP, user name, password combination only once.
|
316 |
+
* Prevent "not a valid MySQL-Link resource" on auth cookie failure.
|
317 |
+
* Increase default value of login_fail_notify from 20 to 50.
|
318 |
+
* Add partial French translation. Settings page needs doing. Thanks mermouy!
|
319 |
+
|
320 |
= 0.21.0 =
|
321 |
* Fix is_pw_outside_ascii() to permit spaces.
|
322 |
* In multisite mode, send notifications to network admin, not blog admin.
|
tests/AuthCookieBadTest.php
CHANGED
@@ -60,6 +60,9 @@ class AuthCookieBadTest extends TestCase {
|
|
60 |
|
61 |
|
62 |
public function test_direct() {
|
|
|
|
|
|
|
63 |
$input = array(
|
64 |
'username' => $this->user_name,
|
65 |
'hmac' => $this->pass_md5,
|
@@ -67,6 +70,9 @@ class AuthCookieBadTest extends TestCase {
|
|
67 |
self::$lss->auth_cookie_bad($input);
|
68 |
$pass = self::$lss->md5($this->pass_md5);
|
69 |
$this->check_fail_record($this->ip, $this->user_name, $pass);
|
|
|
|
|
|
|
70 |
}
|
71 |
|
72 |
/**
|
@@ -79,11 +85,17 @@ class AuthCookieBadTest extends TestCase {
|
|
79 |
$parts[0] = 'thisusercannotpossiblyexist';
|
80 |
$_COOKIE[AUTH_COOKIE] = implode('|', $parts);
|
81 |
|
|
|
|
|
|
|
82 |
$result = wp_validate_auth_cookie();
|
83 |
$this->assertFalse($result);
|
84 |
|
85 |
$pass = self::$lss->md5($parts[2]);
|
86 |
$this->check_fail_record($this->ip, $parts[0], $pass);
|
|
|
|
|
|
|
87 |
}
|
88 |
|
89 |
/**
|
@@ -96,10 +108,16 @@ class AuthCookieBadTest extends TestCase {
|
|
96 |
$parts[2] = 'badpassword';
|
97 |
$_COOKIE[AUTH_COOKIE] = implode('|', $parts);
|
98 |
|
|
|
|
|
|
|
99 |
$result = wp_validate_auth_cookie();
|
100 |
$this->assertFalse($result);
|
101 |
|
102 |
$pass = self::$lss->md5($parts[2]);
|
103 |
$this->check_fail_record($this->ip, $parts[0], $pass);
|
|
|
|
|
|
|
104 |
}
|
105 |
}
|
60 |
|
61 |
|
62 |
public function test_direct() {
|
63 |
+
$expected_error = 'Cannot modify header information';
|
64 |
+
$this->expected_errors($expected_error);
|
65 |
+
|
66 |
$input = array(
|
67 |
'username' => $this->user_name,
|
68 |
'hmac' => $this->pass_md5,
|
70 |
self::$lss->auth_cookie_bad($input);
|
71 |
$pass = self::$lss->md5($this->pass_md5);
|
72 |
$this->check_fail_record($this->ip, $this->user_name, $pass);
|
73 |
+
|
74 |
+
$this->assertTrue($this->were_expected_errors_found(),
|
75 |
+
"Expected error not found: '$expected_error'");
|
76 |
}
|
77 |
|
78 |
/**
|
85 |
$parts[0] = 'thisusercannotpossiblyexist';
|
86 |
$_COOKIE[AUTH_COOKIE] = implode('|', $parts);
|
87 |
|
88 |
+
$expected_error = 'Cannot modify header information';
|
89 |
+
$this->expected_errors($expected_error);
|
90 |
+
|
91 |
$result = wp_validate_auth_cookie();
|
92 |
$this->assertFalse($result);
|
93 |
|
94 |
$pass = self::$lss->md5($parts[2]);
|
95 |
$this->check_fail_record($this->ip, $parts[0], $pass);
|
96 |
+
|
97 |
+
$this->assertTrue($this->were_expected_errors_found(),
|
98 |
+
"Expected error not found: '$expected_error'");
|
99 |
}
|
100 |
|
101 |
/**
|
108 |
$parts[2] = 'badpassword';
|
109 |
$_COOKIE[AUTH_COOKIE] = implode('|', $parts);
|
110 |
|
111 |
+
$expected_error = 'Cannot modify header information';
|
112 |
+
$this->expected_errors($expected_error);
|
113 |
+
|
114 |
$result = wp_validate_auth_cookie();
|
115 |
$this->assertFalse($result);
|
116 |
|
117 |
$pass = self::$lss->md5($parts[2]);
|
118 |
$this->check_fail_record($this->ip, $parts[0], $pass);
|
119 |
+
|
120 |
+
$this->assertTrue($this->were_expected_errors_found(),
|
121 |
+
"Expected error not found: '$expected_error'");
|
122 |
}
|
123 |
}
|
tests/LoginFailTest.php
CHANGED
@@ -71,6 +71,17 @@ class LoginFailTest extends TestCase {
|
|
71 |
$this->check_fail_record($this->ip, $this->user_name, 'other md5');
|
72 |
}
|
73 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
74 |
/**
|
75 |
* @depends test_insert_fail
|
76 |
*/
|
@@ -140,12 +151,22 @@ class LoginFailTest extends TestCase {
|
|
140 |
public function test_process_login_fail__pre_threshold() {
|
141 |
global $wpdb;
|
142 |
|
143 |
-
self::$lss->process_login_fail($this->user_name,
|
144 |
|
145 |
$this->assertInternalType('integer', $wpdb->insert_id,
|
146 |
'This should be an insert id.');
|
147 |
}
|
148 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
149 |
public function test_wp_login__null() {
|
150 |
$actual = self::$lss->wp_login(null, null);
|
151 |
$this->assertNull($actual, 'Bad return value.');
|
71 |
$this->check_fail_record($this->ip, $this->user_name, 'other md5');
|
72 |
}
|
73 |
|
74 |
+
/**
|
75 |
+
* @depends test_insert_fail
|
76 |
+
*/
|
77 |
+
public function test_is_login_fail_exact_match() {
|
78 |
+
$actual = self::$lss->is_login_fail_exact_match($this->ip, $this->user_name, $this->pass_md5);
|
79 |
+
$this->assertTrue($actual, 'Expect match.');
|
80 |
+
|
81 |
+
$actual = self::$lss->is_login_fail_exact_match($this->ip, $this->user_name, 'no match');
|
82 |
+
$this->assertFalse($actual, 'Expect no match.');
|
83 |
+
}
|
84 |
+
|
85 |
/**
|
86 |
* @depends test_insert_fail
|
87 |
*/
|
151 |
public function test_process_login_fail__pre_threshold() {
|
152 |
global $wpdb;
|
153 |
|
154 |
+
self::$lss->process_login_fail($this->user_name, 'reed');
|
155 |
|
156 |
$this->assertInternalType('integer', $wpdb->insert_id,
|
157 |
'This should be an insert id.');
|
158 |
}
|
159 |
|
160 |
+
/**
|
161 |
+
* @depends test_get_login_fail
|
162 |
+
*/
|
163 |
+
public function test_process_login_fail__exact_match() {
|
164 |
+
global $wpdb;
|
165 |
+
|
166 |
+
$actual = self::$lss->process_login_fail($this->user_name, 'reed');
|
167 |
+
$this->assertEquals(-1, $actual);
|
168 |
+
}
|
169 |
+
|
170 |
public function test_wp_login__null() {
|
171 |
$actual = self::$lss->wp_login(null, null);
|
172 |
$this->assertNull($actual, 'Bad return value.');
|