Login Security Solution - Version 0.28.0

Version Description

(2012-09-15) = * Remove loophole: slow down successful logins as well (for non-verified IP addresses). Keeps attackers from using timeouts to skip our delayed responses to failed login attempts. * Reduce false positives for breach notifications and password resets: - Allow users through without incident if the user's Network IP failure count is less than the "Breach Email Confirm" setting. The old behavior was to do so only if the Network IP failure count was 0. - Add user's current IP to their verified IP list whenever they save their profile page, not just when they change their password. - Fix when user notifications are sent. Do so if the IP address is NOT verified instead of if the IP address IS verified. Duh. - Don't notify administrators of a successful login if the user is coming in from a verified IP address. - Change subject line of user notification emails to differentiate them from emails sent to admins. - Reword user notification email and have it explain how to reduce future hassles. * Remove URIs from user notification email to avoid phishing imitations. * Add pt_BR translation. Thanks to Valdir Trombini. * Put plugin version number in admin notification emails. * Update the fr_FR translation: update password policy, add settings page. * Put Unicode flag on the two preg calls that didn't have it. Fixes password parsing problem on Windows. * Add date to log() messages. * Unit tests pass using PHP 5.4.5-dev, 5.3.16-dev, and 5.2.18-dev. * Tested under WordPress 3.4.2 using regular and multisite. * Also tested on Windows 7 using PHP 5.4.5 and WordPress 3.4.1.

Download this release

Release Info

Developer convissor
Plugin Icon wp plugin Login Security Solution
Version 0.28.0
Comparing to
See all releases

Code changes from version 0.27.0 to 0.28.0

Files changed (15) hide show
  1. admin.php +6 -5
  2. languages/login-security-solution-fr_FR.po +235 -141
  3. languages/login-security-solution-pt_BR.po +740 -0
  4. languages/login-security-solution.pot +100 -85
  5. login-security-solution.php +85 -44
  6. readme.txt +94 -45
  7. tests/LoginFailTest.php +14 -7
  8. tests/expected/en_US/LoginFailTest--test_process_login_fail__post_threshold +1 -1
  9. tests/expected/en_US/LoginFailTest--test_wp_login__post_breach_threshold +12 -0
  10. tests/expected/en_US/LoginFailTest--test_wp_login__post_breach_threshold_verified_ip +0 -25
  11. tests/expected/fr_FR/LoginFailTest--test_process_login_fail__post_threshold +1 -1
  12. tests/expected/fr_FR/LoginFailTest--test_wp_login__post_breach_threshold +10 -0
  13. tests/expected/fr_FR/LoginFailTest--test_wp_login__post_breach_threshold_verified_ip +0 -25
  14. tests/expected/pt_BR/LoginFailTest--test_process_login_fail__post_threshold +15 -0
  15. tests/expected/pt_BR/LoginFailTest--test_wp_login__post_breach_threshold +25 -0
admin.php CHANGED
@@ -108,7 +108,7 @@ class login_security_solution_admin extends login_security_solution {
108
  $this->initialize();
109
  $this->set_fields();
110
 
111
- // Combine plugin's name with translation already in WP.
112
  $this->text_settings = self::NAME . ' ' . __('Settings');
113
 
114
  if (is_multisite()) {
@@ -140,7 +140,7 @@ class login_security_solution_admin extends login_security_solution {
140
  global $wpdb;
141
 
142
  if (is_multisite() && !is_network_admin()) {
143
- die($this->hsc_utf8(sprintf(__("%s must be activated via the Network Admin interface when WordPress is in multistie network mode."), self::NAME)));
144
  }
145
 
146
  /*
@@ -357,6 +357,7 @@ class login_security_solution_admin extends login_security_solution {
357
  * @return array
358
  */
359
  public function plugin_action_links($links) {
 
360
  $links[] = '<a href="' . $this->hsc_utf8($this->page_options)
361
  . '?page=' . self::ID . '">'
362
  . $this->hsc_utf8(__('Settings')) . '</a>';
@@ -797,7 +798,7 @@ class login_security_solution_admin extends login_security_solution {
797
  $this->hsc_utf8($this->option_pw_force_change_name),
798
  $this->hsc_utf8(sprintf($confirm, "No thanks")));
799
  } else {
800
- // Translaton already in WP.
801
  add_settings_error($this->option_pw_force_change_name,
802
  $this->hsc_utf8($this->option_pw_force_change_name),
803
  $this->hsc_utf8(__("Success!")),
@@ -817,7 +818,7 @@ class login_security_solution_admin extends login_security_solution {
817
  } else {
818
  $result = $this->force_change_for_all();
819
  if ($result === true) {
820
- // Translaton already in WP.
821
  add_settings_error($this->option_pw_force_change_name,
822
  $this->hsc_utf8($this->option_pw_force_change_name),
823
  $this->hsc_utf8(__("Success!")), 'updated');
@@ -913,7 +914,7 @@ class login_security_solution_admin extends login_security_solution {
913
  global $user_ID, $wpdb;
914
 
915
  if (!current_user_can($this->capability_required)) {
916
- // Translaton already in WP.
917
  return __('You do not have sufficient permissions to access this page.');
918
  }
919
 
108
  $this->initialize();
109
  $this->set_fields();
110
 
111
+ // Translation already in WP combined with plugin's name.
112
  $this->text_settings = self::NAME . ' ' . __('Settings');
113
 
114
  if (is_multisite()) {
140
  global $wpdb;
141
 
142
  if (is_multisite() && !is_network_admin()) {
143
+ die($this->hsc_utf8(sprintf(__("%s must be activated via the Network Admin interface when WordPress is in multistie network mode.", self::ID), self::NAME)));
144
  }
145
 
146
  /*
357
  * @return array
358
  */
359
  public function plugin_action_links($links) {
360
+ // Translation already in WP.
361
  $links[] = '<a href="' . $this->hsc_utf8($this->page_options)
362
  . '?page=' . self::ID . '">'
363
  . $this->hsc_utf8(__('Settings')) . '</a>';
798
  $this->hsc_utf8($this->option_pw_force_change_name),
799
  $this->hsc_utf8(sprintf($confirm, "No thanks")));
800
  } else {
801
+ // Translation already in WP.
802
  add_settings_error($this->option_pw_force_change_name,
803
  $this->hsc_utf8($this->option_pw_force_change_name),
804
  $this->hsc_utf8(__("Success!")),
818
  } else {
819
  $result = $this->force_change_for_all();
820
  if ($result === true) {
821
+ // Translation already in WP.
822
  add_settings_error($this->option_pw_force_change_name,
823
  $this->hsc_utf8($this->option_pw_force_change_name),
824
  $this->hsc_utf8(__("Success!")), 'updated');
914
  global $user_ID, $wpdb;
915
 
916
  if (!current_user_can($this->capability_required)) {
917
+ // Translation already in WP.
918
  return __('You do not have sufficient permissions to access this page.');
919
  }
920
 
languages/login-security-solution-fr_FR.po CHANGED
@@ -1,12 +1,12 @@
1
  msgid ""
2
  msgstr ""
3
- "Project-Id-Version: Login Security Solution 0.22.0\n"
4
  "Report-Msgid-Bugs-To: http://wordpress.org/support/plugin/login-security-"
5
  "solution\n"
6
- "POT-Creation-Date: 2012-09-01 11:42:28+00:00\n"
7
- "PO-Revision-Date: 2012-07-14 09:16:30+0000\n"
8
  "Last-Translator: mermouy <mermouy@gmail.com>\n"
9
- "Language-Team: \n"
10
  "MIME-Version: 1.0\n"
11
  "Content-Type: text/plain; charset=UTF-8\n"
12
  "Content-Transfer-Encoding: 8bit\n"
@@ -21,103 +21,119 @@ msgstr ""
21
  "X-Poedit-SearchPath-0: .\n"
22
  "X-Textdomain-Support: yes\n"
23
 
24
- #: admin.php:112 admin.php:362
 
25
  msgid "Settings"
26
  msgstr ""
27
 
28
  #: admin.php:126
29
  msgid "Change All Passwords"
30
- msgstr ""
31
 
32
  #: admin.php:127
33
  msgid "Do not remind me about this"
34
- msgstr ""
35
 
36
  #: admin.php:128
37
  msgid "Require All Passwords Be Changed"
38
- msgstr ""
39
 
40
  #: admin.php:143
41
  msgid ""
42
  "%s must be activated via the Network Admin interface when WordPress is in "
43
  "multistie network mode."
44
  msgstr ""
 
 
45
 
46
  #: admin.php:249
47
  msgid "Idle Timeout"
48
- msgstr ""
49
 
50
  #: admin.php:250
51
  msgid ""
52
  "Close inactive sessions after this many minutes. 0 disables this feature."
53
  msgstr ""
 
 
54
 
55
  #: admin.php:255
56
  msgid "Maintenance Mode"
57
- msgstr ""
58
 
59
  #: admin.php:256
60
  msgid ""
61
  "Disable logins from users who are not administrators and disable posting of "
62
  "comments?"
63
  msgstr ""
 
 
64
 
65
  #: admin.php:258
66
  msgid "Off, let all users log in."
67
- msgstr ""
68
 
69
  #: admin.php:259
70
  msgid "On, disable comments and only let administrators log in."
71
  msgstr ""
 
 
72
 
73
  #: admin.php:263
74
  msgid "Deactivation"
75
- msgstr ""
76
 
77
  #: admin.php:264
78
  msgid ""
79
  "Should deactivating the plugin remove all of the plugin's data and settings?"
80
  msgstr ""
 
 
81
 
82
  #: admin.php:266
83
  msgid "No, preserve the data for future use."
84
- msgstr ""
85
 
86
  #: admin.php:267
87
  msgid "Yes, delete the damn data."
88
- msgstr ""
89
 
90
  #: admin.php:272
91
  msgid "Match Time"
92
- msgstr ""
93
 
94
  #: admin.php:273
95
  msgid "How far back, in minutes, should login failures look for matching data?"
96
  msgstr ""
 
97
 
98
  #: admin.php:278
99
  msgid "Delay Tier 2"
100
- msgstr ""
101
 
102
  #: admin.php:279
103
  msgid ""
104
  "How many matching login failures should it take to get into this (%d - %d "
105
  "second) Delay Tier? Must be >= %d."
106
  msgstr ""
 
 
107
 
108
  #: admin.php:285
109
  msgid "Delay Tier 3"
110
- msgstr ""
111
 
112
  #: admin.php:286
113
  msgid ""
114
  "How many matching login failures should it take to get into this (%d - %d "
115
  "second) Delay Tier? Must be > Delay Tier 2."
116
  msgstr ""
 
 
117
 
118
  #: admin.php:291
119
  msgid "Notifications To"
120
- msgstr ""
121
 
122
  #: admin.php:292
123
  msgid ""
@@ -125,30 +141,38 @@ msgid ""
125
  "to. For multiple addresses, separate them with commas. WordPress' "
126
  "'admin_email' setting is used if none is provided here."
127
  msgstr ""
 
 
 
 
128
 
129
  #: admin.php:297
130
  msgid "Failure Notification"
131
- msgstr ""
132
 
133
  #: admin.php:298
134
  msgid ""
135
  "Notify the administrator upon every x matching login failures. 0 disables "
136
  "this feature."
137
  msgstr ""
 
 
138
 
139
  #: admin.php:303
140
  msgid "Breach Notification"
141
- msgstr ""
142
 
143
  #: admin.php:304
144
  msgid ""
145
  "Notify the administrator if a successful login uses data matching x login "
146
  "failures. 0 disables this feature."
147
  msgstr ""
 
 
148
 
149
  #: admin.php:309
150
  msgid "Breach Email Confirm"
151
- msgstr ""
152
 
153
  #: admin.php:310
154
  msgid ""
@@ -156,296 +180,346 @@ msgid ""
156
  "the user out and require them to use WordPress' lost password process. 0 "
157
  "disables this feature."
158
  msgstr ""
 
 
 
159
 
160
  #: admin.php:316
161
  msgid "Length"
162
- msgstr ""
163
 
164
  #: admin.php:317
165
  msgid "How long must passwords be? Must be >= %d."
166
- msgstr ""
167
 
168
  #: admin.php:323
169
  msgid "Complexity Exemption"
170
- msgstr ""
171
 
172
  #: admin.php:324
173
  msgid ""
174
  "How long must passwords be to be exempt from the complexity requirements? "
175
  "Must be >= %d."
176
  msgstr ""
 
 
177
 
178
  #: admin.php:330
179
  msgid "Aging"
180
- msgstr ""
181
 
182
  #: admin.php:331
183
  msgid ""
184
  "How many days old can a password be before requiring it be changed? Not "
185
  "recommended. 0 disables this feature."
186
  msgstr ""
 
 
187
 
188
  #: admin.php:336
189
  msgid "Grace Period"
190
- msgstr ""
191
 
192
  #: admin.php:337
193
  msgid ""
194
  "How many minutes should a user have to change their password once they know "
195
  "it has expired? Must be >= %d."
196
  msgstr ""
 
 
197
 
198
  #: admin.php:343
199
  msgid "History"
200
- msgstr ""
201
 
202
  #: admin.php:344
203
  msgid ""
204
  "How many passwords should be remembered? Prevents reuse of old passwords. 0 "
205
  "disables this feature."
206
  msgstr ""
 
 
207
 
208
- #: admin.php:405
209
  msgid "Login Failure Policies"
210
- msgstr ""
211
 
212
  # @ login-security-solution
213
- #: admin.php:411
214
  msgid "Password Policies"
215
- msgstr ""
216
 
217
- #: admin.php:417
218
  msgid "Miscellaneous Policies"
219
- msgstr ""
220
 
221
- #: admin.php:467
222
  msgid ""
223
  "This plugin stores the IP address, username and password for each failed log "
224
  "in attempt."
225
  msgstr ""
 
 
226
 
227
- #: admin.php:469
228
  msgid ""
229
  "The data from future login failures are compared against the historical data."
230
  msgstr ""
 
 
231
 
232
- #: admin.php:471
233
  msgid ""
234
  "If any of the data points match, the plugin delays printing out the failure "
235
  "message."
236
  msgstr ""
 
 
237
 
238
- #: admin.php:473
239
  msgid ""
240
  "The goal is for the responses to take so long that the attackers give up and "
241
  "go find an easier target."
242
  msgstr ""
 
 
243
 
244
- #: admin.php:475
245
  msgid "The length of the delay is broken up into three tiers."
246
- msgstr ""
247
 
248
- #: admin.php:477
249
  msgid "The amount of the delay increases in higher tiers."
250
- msgstr ""
251
 
252
- #: admin.php:479
253
  msgid ""
254
  "The delay time within each tier is randomized to complicate profiling by "
255
  "attackers."
256
  msgstr ""
 
 
257
 
258
- #: admin.php:538 admin.php:553
259
  msgid "Default:"
260
- msgstr ""
261
 
262
- #: admin.php:577
263
  msgid "must be >= '%s',"
264
- msgstr ""
265
 
266
- #: admin.php:578
267
  msgid "so we used the default value instead."
268
- msgstr ""
269
 
270
- #: admin.php:611
271
  msgid "must be an integer,"
272
- msgstr ""
273
 
274
- #: admin.php:714
275
  msgid "There may be cases where everyone's password should be reset."
276
  msgstr ""
 
 
277
 
278
- #: admin.php:716
279
  msgid "This page, provided by the %s plugin, offers that functionality."
280
- msgstr ""
281
 
282
- #: admin.php:720
283
  msgid ""
284
  "Submitting this form sets a flag that forces all users to utilize WordPress' "
285
  "built in password reset functionality."
286
  msgstr ""
 
 
287
 
288
- #: admin.php:722
289
  msgid ""
290
  "Users who are presently logged in will be logged out the next time they view "
291
  "a page that requires authentication."
292
  msgstr ""
 
 
293
 
294
- #: admin.php:734
295
  msgid ""
296
  "Confirm that you want to force all users to change their passwords by "
297
  "checking this box, then click the button, below."
298
  msgstr ""
 
 
299
 
300
- #: admin.php:753
301
  msgid "No thanks. I know what I'm doing. Please don't remind me about this."
302
- msgstr ""
303
 
304
- #: admin.php:785
305
  msgid ""
306
  "You have checked a box that does not correspond with the button you pressed. "
307
  "Please check and press buttons inside the same section."
308
  msgstr ""
 
 
309
 
310
- #: admin.php:787
311
  msgid ""
312
  "Please confirm that you really want to do this. Put a check in the '%s' box "
313
  "before hitting the submit button."
314
  msgstr ""
 
 
315
 
316
- #: admin.php:803 admin.php:823
 
317
  msgid "Success!"
318
  msgstr ""
319
 
320
- #: admin.php:855
321
  msgid ""
322
  "WARNING: The site is in maintenance mode. DO NOT TOUCH ANYTHING! Your "
323
  "changes may get overwritten!"
324
  msgstr ""
 
 
325
 
326
- #: admin.php:879
327
  msgid ""
328
  "You have not asked your users to change their passwords since the plugin was "
329
  "activated. Most users have weak passwords. This plugin's password policies "
330
  "protect your site from brute force attacks. Please improve security for "
331
  "everyone on the Internet by making all users pick new, strong, passwords."
332
  msgstr ""
 
 
 
 
 
 
333
 
334
- #: admin.php:883
335
  msgid ""
336
  "Speaking of which, do YOU have a strong password? Make sure by changing "
337
  "yours too."
338
  msgstr ""
 
 
339
 
340
- #: admin.php:887
341
  msgid ""
342
  "The following link leads to a user interface where you can either require "
343
  "all passwords to be reset or disable this notice."
344
  msgstr ""
 
 
345
 
346
- #: admin.php:917
 
347
  msgid "You do not have sufficient permissions to access this page."
348
  msgstr ""
349
 
350
- #: admin.php:923
351
  msgid "$user_ID variable not set. Another plugin is misbehaving."
352
- msgstr ""
353
 
354
  # @ login-security-solution
355
- #: login-security-solution.php:516 tests/LoginErrorsTest.php:97
356
  #: tests/LoginErrorsTest.php:111
357
  msgid "Invalid username or password."
358
  msgstr "Identifiant ou mot de passe incorrect."
359
 
 
360
  # @ default
361
- #: login-security-solution.php:522 tests/LoginErrorsTest.php:125
362
  #: tests/LoginErrorsTest.php:139
363
  msgid "Password reset is not allowed for this user"
364
  msgstr ""
365
 
366
  # @ login-security-solution
367
- #: login-security-solution.php:547 tests/LoginMessageTest.php:66
368
  msgid "It has been over %d minutes since your last action."
369
  msgstr "Vous êtes inactif depuis %d minutes."
370
 
371
  # @ login-security-solution
372
- #: login-security-solution.php:548 tests/LoginMessageTest.php:67
373
  msgid "Please log back in."
374
  msgstr "Veuillez vous reconnecter."
375
 
376
  # @ login-security-solution
377
- #: login-security-solution.php:551 tests/LoginMessageTest.php:77
378
  msgid "The grace period for changing your password has expired."
379
  msgstr "La période allouée pour changer votre mot de passe est écoulée."
380
 
381
  # @ login-security-solution
382
- #: login-security-solution.php:552 tests/LoginMessageTest.php:78
383
  msgid "Please submit this form to reset your password."
384
  msgstr "Veuillez remplir ce formulaire pour ré-initialiser votre mor de passe."
385
 
386
  # @ login-security-solution
387
- #: login-security-solution.php:555 tests/LoginMessageTest.php:88
388
  msgid "Your password must be reset."
389
  msgstr "Votre mot de passe doit être changé."
390
 
391
  # @ login-security-solution
392
- #: login-security-solution.php:556 tests/LoginMessageTest.php:89
393
  msgid "Please submit this form to reset it."
394
  msgstr "Veuillez remplir ce formulaire pour le ré-initialiser"
395
 
396
  # @ login-security-solution
397
- #: login-security-solution.php:559 tests/LoginMessageTest.php:104
398
  msgid "Your password has expired. Please log and change it."
399
  msgstr "Votre mot de passe a expiré. Veuillez vous connecter et le changer."
400
 
401
  # @ login-security-solution
402
- #: login-security-solution.php:560 tests/LoginMessageTest.php:105
403
  msgid "We provide a %d minute grace period to do so."
404
  msgstr "Une période de %d minutes vous est allouée pour cela."
405
 
406
  # @ login-security-solution
407
- #: login-security-solution.php:563 tests/LoginMessageTest.php:115
408
  msgid "The password you tried to create is not secure. Please try again."
409
  msgstr ""
410
  "Le mot de passe que vous voulez utiliser n'est pas suffisamment robuste. "
411
  "Veuillez ré-essayer."
412
 
413
  # @ login-security-solution
414
- #: login-security-solution.php:569 tests/LoginMessageTest.php:129
415
  #: tests/LoginMessageTest.php:144
416
  msgid "The site is undergoing maintenance."
417
  msgstr "Le site est en maintenance."
418
 
419
  # @ login-security-solution
420
- #: login-security-solution.php:570 tests/LoginMessageTest.php:130
421
  #: tests/LoginMessageTest.php:145
422
  msgid "Please try again later."
423
  msgstr "Veuillez ré-essayer un peu plus tard."
424
 
425
- #: login-security-solution.php:644
426
  msgid ""
427
  "The password should either be: A) at least %d characters long and contain "
428
  "upper and lower case letters (except languages that only have one case) plus "
429
  "numbers and punctuation, or B) at least %d characters long. The password can "
430
  "not contain words related to you or this website."
431
  msgstr ""
432
-
433
- #: login-security-solution.php:645
434
- msgid "(Why is this necessary?)"
435
- msgstr ""
 
436
 
437
  # @ login-security-solution
438
- #: login-security-solution.php:679 tests/PasswordChangeTest.php:277
439
  msgid "Passwords can not be reused."
440
  msgstr "D'anciens mots de passe ne peuvent être ré-utilisés."
441
 
 
442
  # @ default
443
- #: login-security-solution.php:854
444
  msgid "ERROR"
445
  msgstr ""
446
 
447
  # @ login-security-solution
448
- #: login-security-solution.php:991
449
  msgid ""
450
  "\n"
451
  "Component Count Value from Current Attempt\n"
@@ -462,17 +536,17 @@ msgstr ""
462
  "MD5 du mot de passe %5d %s\n"
463
 
464
  # @ login-security-solution
465
- #: login-security-solution.php:1807 login-security-solution.php:1844
466
  msgid "POTENTIAL INTRUSION AT %s"
467
  msgstr "INTRUSION POSSIBLE A %s"
468
 
469
  # @ login-security-solution
470
- #: login-security-solution.php:1811
471
  msgid "Your website, %s, may have been broken in to."
472
  msgstr "Votre site, %s, a peut-être été corrompu."
473
 
474
  # @ login-security-solution
475
- #: login-security-solution.php:1814
476
  msgid ""
477
  "Someone just logged in using the following components. Prior to that, some "
478
  "combination of those components were a part of %d failed attempts to log in "
@@ -483,7 +557,7 @@ msgstr ""
483
  "connexion au cours des %d dernières minutes:"
484
 
485
  # @ login-security-solution
486
- #: login-security-solution.php:1820
487
  msgid ""
488
  "The user's current IP address is one they have verified with your site in "
489
  "the past. Therefore, the user will NOT be required to confirm their "
@@ -496,7 +570,7 @@ msgstr ""
496
  "ce serait effectivement un intrusion."
497
 
498
  # @ login-security-solution
499
- #: login-security-solution.php:1822
500
  msgid ""
501
  "The user has been logged out and will be required to confirm their identity "
502
  "via the password reset functionality."
@@ -504,44 +578,68 @@ msgstr ""
504
  "L'utilisateur à été déconnecté et il devra confirmer son identité via le "
505
  "processus de changement de mot de passe."
506
 
 
 
 
 
 
 
 
 
 
507
  # @ login-security-solution
508
- #: login-security-solution.php:1848
509
  msgid ""
510
  "Someone just logged into your '%s' account at %s. Was it you that logged "
511
- "in? We are asking because the site is being attacked."
512
  msgstr ""
513
- "Quelqu'un a %s vient de se connecter en tant que '%s'. Était-ce vous? Nous "
514
- "vous posons la question parce que le site semble subir une attaque."
515
 
516
  # @ login-security-solution
517
- #: login-security-solution.php:1849
518
- msgid "IF IT WAS NOT YOU, please do the following right away:"
519
- msgstr "SI CE N'ÉTAIT PAS VOUS, veuillez suivre ces consignes au plus vite:"
520
 
521
  # @ login-security-solution
522
- #: login-security-solution.php:1850
523
- msgid "1) Log into %s and change your password."
524
- msgstr "1) Connectez vous à %s et changez votre mot de passe."
525
 
526
  # @ login-security-solution
527
- #: login-security-solution.php:1851
528
- msgid "2) Send an email to %s letting them know it was not you who logged in."
529
  msgstr ""
530
- "2) Envoyez un message à %s pour les prévenir que ce n'était pas vous qui "
531
  "vous êtes connecté récemment."
532
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
533
  # @ login-security-solution
534
- #: login-security-solution.php:1877
535
  msgid "ATTACK HAPPENING TO %s"
536
  msgstr "ATTAQUE SUR %s"
537
 
538
  # @ login-security-solution
539
- #: login-security-solution.php:1881
540
  msgid "Your website, %s, is undergoing a brute force attack."
541
  msgstr "Votre site, %s, subi une attaque de type brute force."
542
 
543
  # @ login-security-solution
544
- #: login-security-solution.php:1884
545
  msgid ""
546
  "There have been at least %d failed attempts to log in during the past %d "
547
  "minutes that used one or more of the following components:"
@@ -550,44 +648,44 @@ msgstr ""
550
  "minutes ont utilisées les données suivantes:"
551
 
552
  # @ login-security-solution
553
- #: login-security-solution.php:1889
554
  msgid ""
555
- "The %s plugin for WordPress is repelling the attack by making their login "
556
- "failures take a very long time."
557
  msgstr ""
558
- "Le plugin %s pour WordPress pare l'attaque en ralentissant la réponse à "
559
  "chaque tentative échouée."
560
 
561
  # @ login-security-solution
562
- #: login-security-solution.php:2296 tests/PasswordValidationTest.php:483
563
  msgid "Password not set."
564
  msgstr "Mot de passe non défini."
565
 
566
  # @ login-security-solution
567
- #: login-security-solution.php:2311 tests/PasswordValidationTest.php:494
568
  msgid "Passwords must be strings."
569
  msgstr "Les mots de passe ne peuvent comporter d'espace."
570
 
571
  # @ login-security-solution
572
- #: login-security-solution.php:2329 tests/PasswordValidationTest.php:507
573
  msgid "Passwords must use ASCII characters."
574
  msgstr "Les mots de passe ne doivent comporter que des caractères ASCII."
575
 
576
  # @ login-security-solution
577
- #: login-security-solution.php:2348 tests/PasswordChangeTest.php:310
578
  #: tests/PasswordValidationTest.php:524 tests/PasswordValidationTest.php:538
579
  msgid "Password is too short."
580
  msgstr "Le mot de passe est trop court."
581
 
582
  # @ login-security-solution
583
- #: login-security-solution.php:2357 tests/PasswordValidationTest.php:564
584
  msgid "Passwords must either contain numbers or be %d characters long."
585
  msgstr ""
586
  "Le mot de passe doit, soit comporter des chiffres soit comporter %d "
587
  "caractères."
588
 
589
  # @ login-security-solution
590
- #: login-security-solution.php:2366 tests/PasswordValidationTest.php:551
591
  msgid ""
592
  "Passwords must either contain punctuation marks / symbols or be %d "
593
  "characters long."
@@ -596,7 +694,7 @@ msgstr ""
596
  "caractères."
597
 
598
  # @ login-security-solution
599
- #: login-security-solution.php:2375 tests/PasswordValidationTest.php:577
600
  msgid ""
601
  "Passwords must either contain upper-case and lower-case letters or be %d "
602
  "characters long."
@@ -605,44 +703,44 @@ msgstr ""
605
  "contenir %d caractères."
606
 
607
  # @ login-security-solution
608
- #: login-security-solution.php:2385 tests/PasswordValidationTest.php:590
609
  msgid "Passwords can't be sequential keys."
610
  msgstr "Les mots de passe ne peuvent être une séquence."
611
 
612
  # @ login-security-solution
613
- #: login-security-solution.php:2394 tests/PasswordValidationTest.php:603
614
  msgid "Passwords can't have that many sequential characters."
615
  msgstr ""
616
  "Les mots de passe ne peuvent contenir autant de caractères séquentiels."
617
 
618
  # @ login-security-solution
619
- #: login-security-solution.php:2410 tests/PasswordValidationTest.php:616
620
  #: tests/PasswordValidationTest.php:629
621
  msgid "Passwords can't contain user data."
622
  msgstr "Les mots de passe ne peuvent contenir des informations utilisateur."
623
 
624
  # @ login-security-solution
625
- #: login-security-solution.php:2421 tests/PasswordValidationTest.php:642
626
  msgid "Passwords can't contain site info."
627
  msgstr "Les mots de passe ne peuvent contenir des information du site."
628
 
629
  # @ login-security-solution
630
- #: login-security-solution.php:2430 tests/PasswordValidationTest.php:655
631
  msgid "Password is too common."
632
  msgstr "Le mot de passe est trop banal."
633
 
634
  # @ login-security-solution
635
- #: login-security-solution.php:2439 tests/PasswordValidationTest.php:671
636
  msgid "Passwords can't be variations of dictionary words."
637
  msgstr "Les mots de passe ne peuvent être issus du dictionnaire."
638
 
639
  #. Plugin Name of the plugin/theme
640
  msgid "Login Security Solution"
641
- msgstr ""
642
 
643
  #. Plugin URI of the plugin/theme
644
  msgid "http://wordpress.org/extend/plugins/login-security-solution/"
645
- msgstr ""
646
 
647
  #. Description of the plugin/theme
648
  msgid ""
@@ -651,21 +749,17 @@ msgid ""
651
  "attacks and breaches, permits administrators to disable logins for "
652
  "maintenance or emergency reasons and reset all passwords."
653
  msgstr ""
 
 
 
 
 
 
654
 
655
  #. Author of the plugin/theme
656
  msgid "Daniel Convissor"
657
- msgstr ""
658
 
659
  #. Author URI of the plugin/theme
660
  msgid "http://www.analysisandsolutions.com/"
661
- msgstr ""
662
-
663
- # @ login-security-solution
664
- #~ msgid ""
665
- #~ "The password should either be: A) at least %d characters long and contain "
666
- #~ "upper and lower case letters plus numbers and punctuation, or B) at least "
667
- #~ "%d characters long."
668
- #~ msgstr ""
669
- #~ "Le mot de passe doit, soit A) comporter au moins %d caractères et "
670
- #~ "contenir à la fois des majuscules, des minuscules, des chiffres et de la "
671
- #~ "ponctuation; soit B) comporter %d caractères."
1
  msgid ""
2
  msgstr ""
3
+ "Project-Id-Version: Login Security Solution 0.28.0\n"
4
  "Report-Msgid-Bugs-To: http://wordpress.org/support/plugin/login-security-"
5
  "solution\n"
6
+ "POT-Creation-Date: 2012-09-15 02:40:36+00:00\n"
7
+ "PO-Revision-Date: 2012-09-15 06:21:00+0100\n"
8
  "Last-Translator: mermouy <mermouy@gmail.com>\n"
9
+ "Language-Team: mermouy <mermouy@gmail.com>\n"
10
  "MIME-Version: 1.0\n"
11
  "Content-Type: text/plain; charset=UTF-8\n"
12
  "Content-Transfer-Encoding: 8bit\n"
21
  "X-Poedit-SearchPath-0: .\n"
22
  "X-Textdomain-Support: yes\n"
23
 
24
+ # Translation from WordPress.
25
+ #: admin.php:112 admin.php:363
26
  msgid "Settings"
27
  msgstr ""
28
 
29
  #: admin.php:126
30
  msgid "Change All Passwords"
31
+ msgstr "Changer tous les mots de passe"
32
 
33
  #: admin.php:127
34
  msgid "Do not remind me about this"
35
+ msgstr "Ne pas me le rappeler"
36
 
37
  #: admin.php:128
38
  msgid "Require All Passwords Be Changed"
39
+ msgstr "Tous les mots de passe doivent être changés"
40
 
41
  #: admin.php:143
42
  msgid ""
43
  "%s must be activated via the Network Admin interface when WordPress is in "
44
  "multistie network mode."
45
  msgstr ""
46
+ "%s doit être activé via l'interface d'administration réseau lorsque "
47
+ "WordPress est en mode multi-site."
48
 
49
  #: admin.php:249
50
  msgid "Idle Timeout"
51
+ msgstr "Temps d'inactivité"
52
 
53
  #: admin.php:250
54
  msgid ""
55
  "Close inactive sessions after this many minutes. 0 disables this feature."
56
  msgstr ""
57
+ "Temps (en minutes) après lequel fermer les session inactives? 0 désactive "
58
+ "cette fonctionnalité."
59
 
60
  #: admin.php:255
61
  msgid "Maintenance Mode"
62
+ msgstr "Mode maintenance"
63
 
64
  #: admin.php:256
65
  msgid ""
66
  "Disable logins from users who are not administrators and disable posting of "
67
  "comments?"
68
  msgstr ""
69
+ "Désactiver la connexion pour les utilisateurs non-administrateurs et "
70
+ "désactiver l'envoi de commentaires?"
71
 
72
  #: admin.php:258
73
  msgid "Off, let all users log in."
74
+ msgstr "Désactivé, permet à tous les utilisateurs de se connecter."
75
 
76
  #: admin.php:259
77
  msgid "On, disable comments and only let administrators log in."
78
  msgstr ""
79
+ "Activé, désactive les commentaires et n'autorise que les administrateurs à "
80
+ "se connecter."
81
 
82
  #: admin.php:263
83
  msgid "Deactivation"
84
+ msgstr "Désactivation"
85
 
86
  #: admin.php:264
87
  msgid ""
88
  "Should deactivating the plugin remove all of the plugin's data and settings?"
89
  msgstr ""
90
+ "Supprimer les paramètres et données enregistrées lors de la désactivation du "
91
+ "plugin?"
92
 
93
  #: admin.php:266
94
  msgid "No, preserve the data for future use."
95
+ msgstr "Non, garder les données pour une prochaine utilisation."
96
 
97
  #: admin.php:267
98
  msgid "Yes, delete the damn data."
99
+ msgstr "Oui, supprimer ces foutues données."
100
 
101
  #: admin.php:272
102
  msgid "Match Time"
103
+ msgstr "Temps de comparaisons"
104
 
105
  #: admin.php:273
106
  msgid "How far back, in minutes, should login failures look for matching data?"
107
  msgstr ""
108
+ "Les échecs de connexion doivent être comparés combien de minutes en arrière?"
109
 
110
  #: admin.php:278
111
  msgid "Delay Tier 2"
112
+ msgstr "Tiers temps 2"
113
 
114
  #: admin.php:279
115
  msgid ""
116
  "How many matching login failures should it take to get into this (%d - %d "
117
  "second) Delay Tier? Must be >= %d."
118
  msgstr ""
119
+ "Combien de tentatives infructueuses de connexion faut-il pour ce (%d - %d "
120
+ "second) tiers temps? Doit être >= %d."
121
 
122
  #: admin.php:285
123
  msgid "Delay Tier 3"
124
+ msgstr "Tiers temps 3"
125
 
126
  #: admin.php:286
127
  msgid ""
128
  "How many matching login failures should it take to get into this (%d - %d "
129
  "second) Delay Tier? Must be > Delay Tier 2."
130
  msgstr ""
131
+ "Combien de tentatives infructueuses de connexion faut-il pour ce (%d - %d "
132
+ "second) tiers temps? Doit être > Tiers temps 2."
133
 
134
  #: admin.php:291
135
  msgid "Notifications To"
136
+ msgstr "Notifier"
137
 
138
  #: admin.php:292
139
  msgid ""
141
  "to. For multiple addresses, separate them with commas. WordPress' "
142
  "'admin_email' setting is used if none is provided here."
143
  msgstr ""
144
+ "L(es)'adresse(s) email où envoyer les notifications d'échec et d'attaques. "
145
+ "Pour envoyer à plusieurs adresses, séparez les avec des virgules. L'adresse "
146
+ "email de l'administration WordPress sera utilisée si aucune n'est renseignée "
147
+ "ici."
148
 
149
  #: admin.php:297
150
  msgid "Failure Notification"
151
+ msgstr "Notifications d'échec"
152
 
153
  #: admin.php:298
154
  msgid ""
155
  "Notify the administrator upon every x matching login failures. 0 disables "
156
  "this feature."
157
  msgstr ""
158
+ "Alerter l'administrateur pour chaque x tentatives infructueuses. 0 Désactive "
159
+ "cette fonctionnalité."
160
 
161
  #: admin.php:303
162
  msgid "Breach Notification"
163
+ msgstr "Alerte de violation"
164
 
165
  #: admin.php:304
166
  msgid ""
167
  "Notify the administrator if a successful login uses data matching x login "
168
  "failures. 0 disables this feature."
169
  msgstr ""
170
+ "Alerter l'administrateur si une connexion réussie après x tentatives "
171
+ "infructueuses. 0 Désactive cette fonctionnalité."
172
 
173
  #: admin.php:309
174
  msgid "Breach Email Confirm"
175
+ msgstr "Confirmation de violation d'email"
176
 
177
  #: admin.php:310
178
  msgid ""
180
  "the user out and require them to use WordPress' lost password process. 0 "
181
  "disables this feature."
182
  msgstr ""
183
+ "Si une connexion réussie après x tentatives infructueuses, déconnecter "
184
+ "l'utilisateur immédiatement et le rediriger vers le processus de mot de "
185
+ "passe perdu de WordPress. 0 Désactive cette fonctionnalité."
186
 
187
  #: admin.php:316
188
  msgid "Length"
189
+ msgstr "Longueur"
190
 
191
  #: admin.php:317
192
  msgid "How long must passwords be? Must be >= %d."
193
+ msgstr "Nombre de caractères minimum des mots de passe? Doit être >= %d."
194
 
195
  #: admin.php:323
196
  msgid "Complexity Exemption"
197
+ msgstr "Dérogation à la difficulté"
198
 
199
  #: admin.php:324
200
  msgid ""
201
  "How long must passwords be to be exempt from the complexity requirements? "
202
  "Must be >= %d."
203
  msgstr ""
204
+ "Nombre de caractères minimum des mots de passe pour être dispensé de la "
205
+ "règle de difficulté? Doit être >= %d."
206
 
207
  #: admin.php:330
208
  msgid "Aging"
209
+ msgstr "Äge"
210
 
211
  #: admin.php:331
212
  msgid ""
213
  "How many days old can a password be before requiring it be changed? Not "
214
  "recommended. 0 disables this feature."
215
  msgstr ""
216
+ "Au bout de combien de jours les mots de passe doivent-ils être changés? Non "
217
+ "recommandé. 0 Désactive cette fonctionnalité."
218
 
219
  #: admin.php:336
220
  msgid "Grace Period"
221
+ msgstr "Période de grâce"
222
 
223
  #: admin.php:337
224
  msgid ""
225
  "How many minutes should a user have to change their password once they know "
226
  "it has expired? Must be >= %d."
227
  msgstr ""
228
+ "De combien de minutes un utilisateur dispose-t-il pour changer son mot de "
229
+ "passe une fois qu'ils savent que celui-ci a expiré? Doit être >= %d."
230
 
231
  #: admin.php:343
232
  msgid "History"
233
+ msgstr "Historique"
234
 
235
  #: admin.php:344
236
  msgid ""
237
  "How many passwords should be remembered? Prevents reuse of old passwords. 0 "
238
  "disables this feature."
239
  msgstr ""
240
+ "Combien de mots de passe doivent être archivés? Prévient la réutilisation "
241
+ "d'anciens mots de passe. 0 Désactive cette fonctionnalité."
242
 
243
+ #: admin.php:406
244
  msgid "Login Failure Policies"
245
+ msgstr "Politique des tentatives infructueuses"
246
 
247
  # @ login-security-solution
248
+ #: admin.php:412
249
  msgid "Password Policies"
250
+ msgstr "Règles des mots de passe"
251
 
252
+ #: admin.php:418
253
  msgid "Miscellaneous Policies"
254
+ msgstr "Politiques diverses"
255
 
256
+ #: admin.php:468
257
  msgid ""
258
  "This plugin stores the IP address, username and password for each failed log "
259
  "in attempt."
260
  msgstr ""
261
+ "Cette extension enregistre l'adresse IP, l'identifiant et le mot de passe "
262
+ "pour chaque tentative infructueuse de connexion."
263
 
264
+ #: admin.php:470
265
  msgid ""
266
  "The data from future login failures are compared against the historical data."
267
  msgstr ""
268
+ "Les prochaines tentatives infructueuses seront comparées aux données "
269
+ "enregistrées."
270
 
271
+ #: admin.php:472
272
  msgid ""
273
  "If any of the data points match, the plugin delays printing out the failure "
274
  "message."
275
  msgstr ""
276
+ "Si des données correspondent, l'extension retarde l'affichage du message "
277
+ "d'échec."
278
 
279
+ #: admin.php:474
280
  msgid ""
281
  "The goal is for the responses to take so long that the attackers give up and "
282
  "go find an easier target."
283
  msgstr ""
284
+ "Le but est simplement de ralentir les réponses à tel point que l'attaquant "
285
+ "finisse par abandonner et cherche une autre cible moins protégée."
286
 
287
+ #: admin.php:476
288
  msgid "The length of the delay is broken up into three tiers."
289
+ msgstr "Le délai est divisé en trois tiers temps."
290
 
291
+ #: admin.php:478
292
  msgid "The amount of the delay increases in higher tiers."
293
+ msgstr "Le délai augmente dans les derniers tiers temps."
294
 
295
+ #: admin.php:480
296
  msgid ""
297
  "The delay time within each tier is randomized to complicate profiling by "
298
  "attackers."
299
  msgstr ""
300
+ "Le délai dans chaque tiers temps est choisi au hasard pour éviter le "
301
+ "\"profiling\" par les attaquants."
302
 
303
+ #: admin.php:539 admin.php:554
304
  msgid "Default:"
305
+ msgstr "Défaut:"
306
 
307
+ #: admin.php:578
308
  msgid "must be >= '%s',"
309
+ msgstr "Doit être >= '%s',"
310
 
311
+ #: admin.php:579
312
  msgid "so we used the default value instead."
313
+ msgstr "Donc on utilise la valeur par défaut à la place."
314
 
315
+ #: admin.php:612
316
  msgid "must be an integer,"
317
+ msgstr "doit être un entier"
318
 
319
+ #: admin.php:715
320
  msgid "There may be cases where everyone's password should be reset."
321
  msgstr ""
322
+ "Dans certains cas, les mots de passe de tous les utilisateurs devraient être "
323
+ "changés."
324
 
325
+ #: admin.php:717
326
  msgid "This page, provided by the %s plugin, offers that functionality."
327
+ msgstr "Cette page, de l’extension %s, vous permet de le faire."
328
 
329
+ #: admin.php:721
330
  msgid ""
331
  "Submitting this form sets a flag that forces all users to utilize WordPress' "
332
  "built in password reset functionality."
333
  msgstr ""
334
+ "Cocher cette case obligera tous les utilisateurs à utiliser le processus de "
335
+ "changement de mot de passe de WordPress."
336
 
337
+ #: admin.php:723
338
  msgid ""
339
  "Users who are presently logged in will be logged out the next time they view "
340
  "a page that requires authentication."
341
  msgstr ""
342
+ "Les utilisateurs actuellement connectés seront déconnectés à l'ouverture de "
343
+ "la prochaine page nécessitant une authentification."
344
 
345
+ #: admin.php:735
346
  msgid ""
347
  "Confirm that you want to force all users to change their passwords by "
348
  "checking this box, then click the button, below."
349
  msgstr ""
350
+ "Cochez cette case pour forcer tous les utilisateurs à changer leur mot de "
351
+ "passe, puis cliquez sur le bouton ci-dessous."
352
 
353
+ #: admin.php:754
354
  msgid "No thanks. I know what I'm doing. Please don't remind me about this."
355
+ msgstr "Non merci, je sais ce que je fais. Ne plus me le rappeler."
356
 
357
+ #: admin.php:786
358
  msgid ""
359
  "You have checked a box that does not correspond with the button you pressed. "
360
  "Please check and press buttons inside the same section."
361
  msgstr ""
362
+ "Vous avez cocher une case qui ne correspond pas au bouton cliqué. Vérifiez "
363
+ "et appuyez sur les boutons d'une même section."
364
 
365
+ #: admin.php:788
366
  msgid ""
367
  "Please confirm that you really want to do this. Put a check in the '%s' box "
368
  "before hitting the submit button."
369
  msgstr ""
370
+ "Vous voulez vraiment faire cela? Cochez la boîte '%s' avant de cliquer sur "
371
+ "le bouton de soumission."
372
 
373
+ # Translation from WordPress.
374
+ #: admin.php:804 admin.php:824
375
  msgid "Success!"
376
  msgstr ""
377
 
378
+ #: admin.php:856
379
  msgid ""
380
  "WARNING: The site is in maintenance mode. DO NOT TOUCH ANYTHING! Your "
381
  "changes may get overwritten!"
382
  msgstr ""
383
+ "ATTENTION: Le site est en mode maintenance. NE TOUCHEZ À RIEN! Vos "
384
+ "changements pourraient être écrasés!"
385
 
386
+ #: admin.php:880
387
  msgid ""
388
  "You have not asked your users to change their passwords since the plugin was "
389
  "activated. Most users have weak passwords. This plugin's password policies "
390
  "protect your site from brute force attacks. Please improve security for "
391
  "everyone on the Internet by making all users pick new, strong, passwords."
392
  msgstr ""
393
+ "Vous n'avez pas demandé à vos utilisateurs de changer leur mot de passe "
394
+ "depuis que l(extension à été activée. La plupart des utilisateurs utilisent "
395
+ "des mots de passe fragiles. Les politiques de mots de passe de cette "
396
+ "extension vous protègent des attaques de type 'brute force'. Aidez à "
397
+ "améliorer la sécurité de chacun sur internet en forçant tous les "
398
+ "utilisateurs à utiliser des nouveaux mots de passe sécurisés."
399
 
400
+ #: admin.php:884
401
  msgid ""
402
  "Speaking of which, do YOU have a strong password? Make sure by changing "
403
  "yours too."
404
  msgstr ""
405
+ "En parlant de cela avez-vous un mot de passe sécurisé? Assurez-vous en, "
406
+ "changez votre mot de passe aussi."
407
 
408
+ #: admin.php:888
409
  msgid ""
410
  "The following link leads to a user interface where you can either require "
411
  "all passwords to be reset or disable this notice."
412
  msgstr ""
413
+ "Le lien suivant conduit à une interface où vous pourrez soit forcer le "
414
+ "changement de tous les mots de passe ou désactiver cette notification. "
415
 
416
+ # Translation from WordPress.
417
+ #: admin.php:918
418
  msgid "You do not have sufficient permissions to access this page."
419
  msgstr ""
420
 
421
+ #: admin.php:924
422
  msgid "$user_ID variable not set. Another plugin is misbehaving."
423
+ msgstr "variable $user_ID non déclarée. Un autre plugin est en conflit."
424
 
425
  # @ login-security-solution
426
+ #: login-security-solution.php:523 tests/LoginErrorsTest.php:97
427
  #: tests/LoginErrorsTest.php:111
428
  msgid "Invalid username or password."
429
  msgstr "Identifiant ou mot de passe incorrect."
430
 
431
+ # Translation from WordPress.
432
  # @ default
433
+ #: login-security-solution.php:529 tests/LoginErrorsTest.php:125
434
  #: tests/LoginErrorsTest.php:139
435
  msgid "Password reset is not allowed for this user"
436
  msgstr ""
437
 
438
  # @ login-security-solution
439
+ #: login-security-solution.php:554 tests/LoginMessageTest.php:66
440
  msgid "It has been over %d minutes since your last action."
441
  msgstr "Vous êtes inactif depuis %d minutes."
442
 
443
  # @ login-security-solution
444
+ #: login-security-solution.php:555 tests/LoginMessageTest.php:67
445
  msgid "Please log back in."
446
  msgstr "Veuillez vous reconnecter."
447
 
448
  # @ login-security-solution
449
+ #: login-security-solution.php:558 tests/LoginMessageTest.php:77
450
  msgid "The grace period for changing your password has expired."
451
  msgstr "La période allouée pour changer votre mot de passe est écoulée."
452
 
453
  # @ login-security-solution
454
+ #: login-security-solution.php:559 tests/LoginMessageTest.php:78
455
  msgid "Please submit this form to reset your password."
456
  msgstr "Veuillez remplir ce formulaire pour ré-initialiser votre mor de passe."
457
 
458
  # @ login-security-solution
459
+ #: login-security-solution.php:562 tests/LoginMessageTest.php:88
460
  msgid "Your password must be reset."
461
  msgstr "Votre mot de passe doit être changé."
462
 
463
  # @ login-security-solution
464
+ #: login-security-solution.php:563 tests/LoginMessageTest.php:89
465
  msgid "Please submit this form to reset it."
466
  msgstr "Veuillez remplir ce formulaire pour le ré-initialiser"
467
 
468
  # @ login-security-solution
469
+ #: login-security-solution.php:566 tests/LoginMessageTest.php:104
470
  msgid "Your password has expired. Please log and change it."
471
  msgstr "Votre mot de passe a expiré. Veuillez vous connecter et le changer."
472
 
473
  # @ login-security-solution
474
+ #: login-security-solution.php:567 tests/LoginMessageTest.php:105
475
  msgid "We provide a %d minute grace period to do so."
476
  msgstr "Une période de %d minutes vous est allouée pour cela."
477
 
478
  # @ login-security-solution
479
+ #: login-security-solution.php:570 tests/LoginMessageTest.php:115
480
  msgid "The password you tried to create is not secure. Please try again."
481
  msgstr ""
482
  "Le mot de passe que vous voulez utiliser n'est pas suffisamment robuste. "
483
  "Veuillez ré-essayer."
484
 
485
  # @ login-security-solution
486
+ #: login-security-solution.php:576 tests/LoginMessageTest.php:129
487
  #: tests/LoginMessageTest.php:144
488
  msgid "The site is undergoing maintenance."
489
  msgstr "Le site est en maintenance."
490
 
491
  # @ login-security-solution
492
+ #: login-security-solution.php:577 tests/LoginMessageTest.php:130
493
  #: tests/LoginMessageTest.php:145
494
  msgid "Please try again later."
495
  msgstr "Veuillez ré-essayer un peu plus tard."
496
 
497
+ #: login-security-solution.php:651
498
  msgid ""
499
  "The password should either be: A) at least %d characters long and contain "
500
  "upper and lower case letters (except languages that only have one case) plus "
501
  "numbers and punctuation, or B) at least %d characters long. The password can "
502
  "not contain words related to you or this website."
503
  msgstr ""
504
+ "Le mot de passe doit, soit: A) comporter au moins %d caractères et contenir "
505
+ la fois des majuscules et des minuscules (sauf pour les langues qui "
506
+ "n'auraient qu'un cas de figure), des chiffres et de la ponctuation, soit: B) "
507
+ "comporter %d caractères. Le mot de passe ne peut contenir des mots en "
508
+ "relation avec ce site."
509
 
510
  # @ login-security-solution
511
+ #: login-security-solution.php:690 tests/PasswordChangeTest.php:277
512
  msgid "Passwords can not be reused."
513
  msgstr "D'anciens mots de passe ne peuvent être ré-utilisés."
514
 
515
+ # Translation from WordPress.
516
  # @ default
517
+ #: login-security-solution.php:894
518
  msgid "ERROR"
519
  msgstr ""
520
 
521
  # @ login-security-solution
522
+ #: login-security-solution.php:1031
523
  msgid ""
524
  "\n"
525
  "Component Count Value from Current Attempt\n"
536
  "MD5 du mot de passe %5d %s\n"
537
 
538
  # @ login-security-solution
539
+ #: login-security-solution.php:1848
540
  msgid "POTENTIAL INTRUSION AT %s"
541
  msgstr "INTRUSION POSSIBLE A %s"
542
 
543
  # @ login-security-solution
544
+ #: login-security-solution.php:1852
545
  msgid "Your website, %s, may have been broken in to."
546
  msgstr "Votre site, %s, a peut-être été corrompu."
547
 
548
  # @ login-security-solution
549
+ #: login-security-solution.php:1855
550
  msgid ""
551
  "Someone just logged in using the following components. Prior to that, some "
552
  "combination of those components were a part of %d failed attempts to log in "
557
  "connexion au cours des %d dernières minutes:"
558
 
559
  # @ login-security-solution
560
+ #: login-security-solution.php:1861
561
  msgid ""
562
  "The user's current IP address is one they have verified with your site in "
563
  "the past. Therefore, the user will NOT be required to confirm their "
570
  "ce serait effectivement un intrusion."
571
 
572
  # @ login-security-solution
573
+ #: login-security-solution.php:1863
574
  msgid ""
575
  "The user has been logged out and will be required to confirm their identity "
576
  "via the password reset functionality."
578
  "L'utilisateur à été déconnecté et il devra confirmer son identité via le "
579
  "processus de changement de mot de passe."
580
 
581
+ #: login-security-solution.php:1866
582
+ msgid "This message is from the %s plugin (%s) for WordPress."
583
+ msgstr ""
584
+ "Ce message provient du plugin Login Security Solution (%s) pour WordPress."
585
+
586
+ #: login-security-solution.php:1888
587
+ msgid "VERIFY YOU LOGGED IN TO %s"
588
+ msgstr "ASSUREZ VOUS D'ÊTRE CONNECTÉ À %s"
589
+
590
  # @ login-security-solution
591
+ #: login-security-solution.php:1892
592
  msgid ""
593
  "Someone just logged into your '%s' account at %s. Was it you that logged "
594
+ "in? We are asking because the site happens to be under attack at the moment."
595
  msgstr ""
596
+ "Quelqu'un a %2$s vient de se connecter en tant que '%1$s'. Était-ce vous? "
597
+ "Nous vous posons la question parce que le site semble subir une attaque."
598
 
599
  # @ login-security-solution
600
+ #: login-security-solution.php:1894
601
+ msgid "If it was NOT YOU, please do the following right away:"
602
+ msgstr "Si ce n'était PAS VOUS, veuillez suivre ces consignes au plus vite:"
603
 
604
  # @ login-security-solution
605
+ #: login-security-solution.php:1895
606
+ msgid " 1) Log into the site and change your password."
607
+ msgstr " 1) Connectez vous à le site et changez votre mot de passe."
608
 
609
  # @ login-security-solution
610
+ #: login-security-solution.php:1896
611
+ msgid " 2) Send an email to %s letting them know it was not you who logged in."
612
  msgstr ""
613
+ " 2) Envoyez un message à %s pour les prévenir que ce n'était pas vous qui "
614
  "vous êtes connecté récemment."
615
 
616
+ #: login-security-solution.php:1898
617
+ msgid ""
618
+ "If it WAS YOU, future hassles can be reduced by logging into the site, going "
619
+ "to your profile page, and clicking the '%s' button. The site will remember "
620
+ "your IP address as being legitimate."
621
+ msgstr ""
622
+ "si C'ÉTAIT VOUS, pour évitez les soucis connectez vous au site, rendez vous "
623
+ "sur votre page de profil, et cliquez sur le bouton '%s'. Le site "
624
+ "enregistrera votre adresse IP comme légitime."
625
+
626
+ # Translation from WordPress.
627
+ #: login-security-solution.php:1898
628
+ msgid "Update Profile"
629
+ msgstr ""
630
+
631
  # @ login-security-solution
632
+ #: login-security-solution.php:1924
633
  msgid "ATTACK HAPPENING TO %s"
634
  msgstr "ATTAQUE SUR %s"
635
 
636
  # @ login-security-solution
637
+ #: login-security-solution.php:1928
638
  msgid "Your website, %s, is undergoing a brute force attack."
639
  msgstr "Votre site, %s, subi une attaque de type brute force."
640
 
641
  # @ login-security-solution
642
+ #: login-security-solution.php:1931
643
  msgid ""
644
  "There have been at least %d failed attempts to log in during the past %d "
645
  "minutes that used one or more of the following components:"
648
  "minutes ont utilisées les données suivantes:"
649
 
650
  # @ login-security-solution
651
+ #: login-security-solution.php:1936
652
  msgid ""
653
+ "The %s plugin (%s) for WordPress is repelling the attack by making their "
654
+ "login failures take a very long time."
655
  msgstr ""
656
+ "Le plugin %s (%s) pour WordPress pare l'attaque en ralentissant la réponse à "
657
  "chaque tentative échouée."
658
 
659
  # @ login-security-solution
660
+ #: login-security-solution.php:2337 tests/PasswordValidationTest.php:483
661
  msgid "Password not set."
662
  msgstr "Mot de passe non défini."
663
 
664
  # @ login-security-solution
665
+ #: login-security-solution.php:2352 tests/PasswordValidationTest.php:494
666
  msgid "Passwords must be strings."
667
  msgstr "Les mots de passe ne peuvent comporter d'espace."
668
 
669
  # @ login-security-solution
670
+ #: login-security-solution.php:2370 tests/PasswordValidationTest.php:507
671
  msgid "Passwords must use ASCII characters."
672
  msgstr "Les mots de passe ne doivent comporter que des caractères ASCII."
673
 
674
  # @ login-security-solution
675
+ #: login-security-solution.php:2389 tests/PasswordChangeTest.php:310
676
  #: tests/PasswordValidationTest.php:524 tests/PasswordValidationTest.php:538
677
  msgid "Password is too short."
678
  msgstr "Le mot de passe est trop court."
679
 
680
  # @ login-security-solution
681
+ #: login-security-solution.php:2398 tests/PasswordValidationTest.php:564
682
  msgid "Passwords must either contain numbers or be %d characters long."
683
  msgstr ""
684
  "Le mot de passe doit, soit comporter des chiffres soit comporter %d "
685
  "caractères."
686
 
687
  # @ login-security-solution
688
+ #: login-security-solution.php:2407 tests/PasswordValidationTest.php:551
689
  msgid ""
690
  "Passwords must either contain punctuation marks / symbols or be %d "
691
  "characters long."
694
  "caractères."
695
 
696
  # @ login-security-solution
697
+ #: login-security-solution.php:2416 tests/PasswordValidationTest.php:577
698
  msgid ""
699
  "Passwords must either contain upper-case and lower-case letters or be %d "
700
  "characters long."
703
  "contenir %d caractères."
704
 
705
  # @ login-security-solution
706
+ #: login-security-solution.php:2426 tests/PasswordValidationTest.php:590
707
  msgid "Passwords can't be sequential keys."
708
  msgstr "Les mots de passe ne peuvent être une séquence."
709
 
710
  # @ login-security-solution
711
+ #: login-security-solution.php:2435 tests/PasswordValidationTest.php:603
712
  msgid "Passwords can't have that many sequential characters."
713
  msgstr ""
714
  "Les mots de passe ne peuvent contenir autant de caractères séquentiels."
715
 
716
  # @ login-security-solution
717
+ #: login-security-solution.php:2451 tests/PasswordValidationTest.php:616
718
  #: tests/PasswordValidationTest.php:629
719
  msgid "Passwords can't contain user data."
720
  msgstr "Les mots de passe ne peuvent contenir des informations utilisateur."
721
 
722
  # @ login-security-solution
723
+ #: login-security-solution.php:2462 tests/PasswordValidationTest.php:642
724
  msgid "Passwords can't contain site info."
725
  msgstr "Les mots de passe ne peuvent contenir des information du site."
726
 
727
  # @ login-security-solution
728
+ #: login-security-solution.php:2471 tests/PasswordValidationTest.php:655
729
  msgid "Password is too common."
730
  msgstr "Le mot de passe est trop banal."
731
 
732
  # @ login-security-solution
733
+ #: login-security-solution.php:2480 tests/PasswordValidationTest.php:671
734
  msgid "Passwords can't be variations of dictionary words."
735
  msgstr "Les mots de passe ne peuvent être issus du dictionnaire."
736
 
737
  #. Plugin Name of the plugin/theme
738
  msgid "Login Security Solution"
739
+ msgstr "Login Security Solution"
740
 
741
  #. Plugin URI of the plugin/theme
742
  msgid "http://wordpress.org/extend/plugins/login-security-solution/"
743
+ msgstr "http://wordpress.org/extend/plugins/login-security-solution/"
744
 
745
  #. Description of the plugin/theme
746
  msgid ""
749
  "attacks and breaches, permits administrators to disable logins for "
750
  "maintenance or emergency reasons and reset all passwords."
751
  msgstr ""
752
+ "Il vérifie ainsi la qualité des mots de passe, repousse les attaques de type "
753
+ "'brute force' à la connexion, empêche la divulgation des données de "
754
+ "connexion, fait expirer les sessions inactives, alerte les administrateurs "
755
+ "des attaques et failles éventuelles, permet aux administrateurs de "
756
+ "désactiver les connexions pour diverses raisons de maintenance ou d'urgence "
757
+ "et de réinitialiser tous les mots de passe."
758
 
759
  #. Author of the plugin/theme
760
  msgid "Daniel Convissor"
761
+ msgstr "Daniel Convissor"
762
 
763
  #. Author URI of the plugin/theme
764
  msgid "http://www.analysisandsolutions.com/"
765
+ msgstr "http://www.analysisandsolutions.com/"
 
 
 
 
 
 
 
 
 
 
languages/login-security-solution-pt_BR.po ADDED
@@ -0,0 +1,740 @@
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
1
+ msgid ""
2
+ msgstr ""
3
+ "Project-Id-Version: Login Security Solution 0.28.0\n"
4
+ "Report-Msgid-Bugs-To: http://wordpress.org/support/plugin/login-security-"
5
+ "solution\n"
6
+ "POT-Creation-Date: 2012-09-15 02:40:36+00:00\n"
7
+ "PO-Revision-Date: 2012-09-15 12:56:00-04:00\n"
8
+ "Last-Translator: Valdir Trombini <valdirtrombini@hotmail.com>\n"
9
+ "Language-Team: Valdir Trombini <valdirtrombini@hotmail.com>\n"
10
+ "MIME-Version: 1.0\n"
11
+ "Content-Type: text/plain; charset=UTF-8\n"
12
+ "Content-Transfer-Encoding: 8bit\n"
13
+ "Plural-Forms: nplurals=2; plural=n != 1;\n"
14
+ "X-Poedit-Language: Portuguese\n"
15
+ "X-Poedit-Country: BRAZIL\n"
16
+ "X-Poedit-SourceCharset: utf-8\n"
17
+ "X-Poedit-KeywordsList: _;_e;__;_n:1,2;_x:1,2c;_ex:1,2c;_nx:4c,1,2;"
18
+ "_n_noop:1,2;_c,_nc:4c,1,2;_nx_noop:4c,1,2;__ngettext:1,2;"
19
+ "__ngettext_noop:1,2\n"
20
+ "X-Poedit-Basepath: .\n"
21
+ "X-Poedit-SearchPath-0: .\n"
22
+ "X-Poedit-SearchPath-1: ..\n"
23
+
24
+ # Translation from WordPress.
25
+ #: admin.php:112 admin.php:363
26
+ msgid "Settings"
27
+ msgstr ""
28
+
29
+ #: admin.php:126
30
+ msgid "Change All Passwords"
31
+ msgstr "Alterar todas as senhas"
32
+
33
+ #: admin.php:127
34
+ msgid "Do not remind me about this"
35
+ msgstr "Não me lembrar mais sobre isso"
36
+
37
+ #: admin.php:128
38
+ msgid "Require All Passwords Be Changed"
39
+ msgstr "Exigir que todo as senhas sejam alteradas"
40
+
41
+ #: admin.php:143
42
+ msgid ""
43
+ "%s must be activated via the Network Admin interface when WordPress is in "
44
+ "multistie network mode."
45
+ msgstr ""
46
+ "%s deve ser ativada através da interface de administração de rede quando o "
47
+ "WordPress está sendo usado no modo multi site."
48
+
49
+ #: admin.php:249
50
+ msgid "Idle Timeout"
51
+ msgstr "Tempo limite de ociosidade (inativo)"
52
+
53
+ #: admin.php:250
54
+ msgid ""
55
+ "Close inactive sessions after this many minutes. 0 disables this feature."
56
+ msgstr ""
57
+ "Fechar sessões inativas após esta quantidade de minutos. 0 desativa este "
58
+ "recurso."
59
+
60
+ #: admin.php:255
61
+ msgid "Maintenance Mode"
62
+ msgstr "Modo de Manutenção"
63
+
64
+ #: admin.php:256
65
+ msgid ""
66
+ "Disable logins from users who are not administrators and disable posting of "
67
+ "comments?"
68
+ msgstr ""
69
+ "Você quer desativar logins de usuários que não sejam administradores e "
70
+ "desativar postagens de comentários?"
71
+
72
+ #: admin.php:258
73
+ msgid "Off, let all users log in."
74
+ msgstr "Off, deixar que todos os usuários possam fazer login."
75
+
76
+ #: admin.php:259
77
+ msgid "On, disable comments and only let administrators log in."
78
+ msgstr ""
79
+ "On, desativar os comentários e somente permitir que os administradores "
80
+ "possam fazer login."
81
+
82
+ #: admin.php:263
83
+ msgid "Deactivation"
84
+ msgstr "Desativação"
85
+
86
+ #: admin.php:264
87
+ msgid ""
88
+ "Should deactivating the plugin remove all of the plugin's data and settings?"
89
+ msgstr ""
90
+ "Você quer desativar o plugin e remover todos os dados armazenados em sua "
91
+ "base e suas configurações?"
92
+
93
+ #: admin.php:266
94
+ msgid "No, preserve the data for future use."
95
+ msgstr ""
96
+ "Não, preservar os dados armazenados em sua base para utilização futura."
97
+
98
+ #: admin.php:267
99
+ msgid "Yes, delete the damn data."
100
+ msgstr "Sim, eliminar todos os dados armazenados em sua base."
101
+
102
+ #: admin.php:272
103
+ msgid "Match Time"
104
+ msgstr "Correspondência de tempo"
105
+
106
+ #: admin.php:273
107
+ msgid "How far back, in minutes, should login failures look for matching data?"
108
+ msgstr ""
109
+ "Até quanto tempo no passado, em minutos, procurar na correspondência de "
110
+ "dados as falhas de login?"
111
+
112
+ #: admin.php:278
113
+ msgid "Delay Tier 2"
114
+ msgstr "Atraso de nível 2"
115
+
116
+ #: admin.php:279
117
+ msgid ""
118
+ "How many matching login failures should it take to get into this (%d - %d "
119
+ "second) Delay Tier? Must be >= %d."
120
+ msgstr ""
121
+ "Quantas falhas de login em sua correspondência é necessário para entrar "
122
+ "neste atraso de nível? (%d - %d segundo) - Deve ser >= %d."
123
+
124
+ #: admin.php:285
125
+ msgid "Delay Tier 3"
126
+ msgstr "Atraso de nível 3"
127
+
128
+ #: admin.php:286
129
+ msgid ""
130
+ "How many matching login failures should it take to get into this (%d - %d "
131
+ "second) Delay Tier? Must be > Delay Tier 2."
132
+ msgstr ""
133
+ "Quantas falhas de login em sua correspondência é necessário para entrar "
134
+ "neste atraso de nível? (%d - %d segundo) - Deve ser > Atraso de camada "
135
+ "intermediárial 2."
136
+
137
+ #: admin.php:291
138
+ msgid "Notifications To"
139
+ msgstr "Notificações para"
140
+
141
+ #: admin.php:292
142
+ msgid ""
143
+ "The email address(es) the failure and breach notifications should be sent "
144
+ "to. For multiple addresses, separate them with commas. WordPress' "
145
+ "'admin_email' setting is used if none is provided here."
146
+ msgstr ""
147
+ "Para qual endereço de e-mail (ou e-mails), as falhas de login e as "
148
+ "notificações de violação deverão ser enviados. Para vários endereços, separe-"
149
+ "os com vírgulas. O endereço de correspondência do administrador nas "
150
+ "configuração do WordPress 'admin_email' é usado, se nenhum e-mail é "
151
+ "fornecido aqui."
152
+
153
+ #: admin.php:297
154
+ msgid "Failure Notification"
155
+ msgstr "Notificação de falha"
156
+
157
+ #: admin.php:298
158
+ msgid ""
159
+ "Notify the administrator upon every x matching login failures. 0 disables "
160
+ "this feature."
161
+ msgstr ""
162
+ "Notificar o administrador sobre cada (x = número de vezes) que tenha "
163
+ "correspondência com falhas de login verificadas. 0 desativa este recurso."
164
+
165
+ #: admin.php:303
166
+ msgid "Breach Notification"
167
+ msgstr "Notificação de violação"
168
+
169
+ #: admin.php:304
170
+ msgid ""
171
+ "Notify the administrator if a successful login uses data matching x login "
172
+ "failures. 0 disables this feature."
173
+ msgstr ""
174
+ "Notificar o administrador se o login bem-sucedido utiliza dados "
175
+ "correspondentes (x = número de vezes) e se houve alguma falhas de login. 0 "
176
+ "desativa este recurso."
177
+
178
+ #: admin.php:309
179
+ msgid "Breach Email Confirm"
180
+ msgstr "Confirmação por e-mail de violação"
181
+
182
+ #: admin.php:310
183
+ msgid ""
184
+ "If a successful login uses data matching x login failures, immediately log "
185
+ "the user out and require them to use WordPress' lost password process. 0 "
186
+ "disables this feature."
187
+ msgstr ""
188
+ "Se um login bem-sucedido usar dados correspondentes x quantidade de falhas "
189
+ "de login, imediatamente desconectará o usuário e os obrigará a usar o "
190
+ "processo senha perdida do WordPress. 0 desativa este recurso."
191
+
192
+ #: admin.php:316
193
+ msgid "Length"
194
+ msgstr "Duração"
195
+
196
+ #: admin.php:317
197
+ msgid "How long must passwords be? Must be >= %d."
198
+ msgstr "Quanto tempo deve durar a senha? Deve durar: >= %d."
199
+
200
+ #: admin.php:323
201
+ msgid "Complexity Exemption"
202
+ msgstr "Isenção da complexidade"
203
+
204
+ #: admin.php:324
205
+ msgid ""
206
+ "How long must passwords be to be exempt from the complexity requirements? "
207
+ "Must be >= %d."
208
+ msgstr ""
209
+ "Por quanto tempo devem ser isentas as senhas dos requisitos de complexidade? "
210
+ "Devem ser de: >= %d."
211
+
212
+ #: admin.php:330
213
+ msgid "Aging"
214
+ msgstr "Tempo de uso"
215
+
216
+ #: admin.php:331
217
+ msgid ""
218
+ "How many days old can a password be before requiring it be changed? Not "
219
+ "recommended. 0 disables this feature."
220
+ msgstr ""
221
+ "Quanto tempo de uso, em dias, pode ter uma senha, antes de exigir que ela "
222
+ "deva ser mudada (substituição da senha)? Não é recomendado! 0 desativa este "
223
+ "recurso."
224
+
225
+ #: admin.php:336
226
+ msgid "Grace Period"
227
+ msgstr "Período de carência"
228
+
229
+ #: admin.php:337
230
+ msgid ""
231
+ "How many minutes should a user have to change their password once they know "
232
+ "it has expired? Must be >= %d."
233
+ msgstr ""
234
+ "Uma vez sabendo, tendo conhecimento que sua senha expirou, quantos minutos o "
235
+ "usuário tem para alterar a sua senha efetivamente? Esse período deve ser de: "
236
+ ">= %d."
237
+
238
+ #: admin.php:343
239
+ msgid "History"
240
+ msgstr "Histórico"
241
+
242
+ #: admin.php:344
243
+ msgid ""
244
+ "How many passwords should be remembered? Prevents reuse of old passwords. 0 "
245
+ "disables this feature."
246
+ msgstr ""
247
+ "Qual é a quantidade de senhas antigas que devem ser lembradas? Esse recurso "
248
+ "impede a reutilização de senhas usadas anteriormente. 0 desativa este "
249
+ "recurso."
250
+
251
+ #: admin.php:406
252
+ msgid "Login Failure Policies"
253
+ msgstr "Condições das falhas de login"
254
+
255
+ #: admin.php:412
256
+ msgid "Password Policies"
257
+ msgstr "As diretivas de senha"
258
+
259
+ #: admin.php:418
260
+ msgid "Miscellaneous Policies"
261
+ msgstr "Condições diversas"
262
+
263
+ #: admin.php:468
264
+ msgid ""
265
+ "This plugin stores the IP address, username and password for each failed log "
266
+ "in attempt."
267
+ msgstr ""
268
+ "Este plugin armazena o endereço IP do usuário e senha para cada tentativa de "
269
+ "login que falhou em sua validação."
270
+
271
+ #: admin.php:470
272
+ msgid ""
273
+ "The data from future login failures are compared against the historical data."
274
+ msgstr ""
275
+ "Os dados de falhas de login futuros são comparados com os dados armazenados "
276
+ "nos históricos."
277
+
278
+ #: admin.php:472
279
+ msgid ""
280
+ "If any of the data points match, the plugin delays printing out the failure "
281
+ "message."
282
+ msgstr ""
283
+ "Se qualquer um dos pontos na correspondência de dados falhar, o plugin "
284
+ "imprime uma mensagem na tela e inicia os atrazos dificultando a conexão."
285
+
286
+ #: admin.php:474
287
+ msgid ""
288
+ "The goal is for the responses to take so long that the attackers give up and "
289
+ "go find an easier target."
290
+ msgstr ""
291
+ "Qual é o nosso objetivo? O objetivo é que as respostas podem tomar tanto "
292
+ "tempo, que não valeria o esforço dos atacantes, e isso o fará desistir e ir "
293
+ "procurar um alvo mais fácil."
294
+
295
+ #: admin.php:476
296
+ msgid "The length of the delay is broken up into three tiers."
297
+ msgstr "A duração do atraso está dividido em três níveis."
298
+
299
+ #: admin.php:478
300
+ msgid "The amount of the delay increases in higher tiers."
301
+ msgstr "A duração do atraso aumenta em níveis mais elevados."
302
+
303
+ #: admin.php:480
304
+ msgid ""
305
+ "The delay time within each tier is randomized to complicate profiling by "
306
+ "attackers."
307
+ msgstr ""
308
+ "O tempo de atraso, dentro de cada camada é randomizados para complicar ainda "
309
+ "mais os diversos perfis dos agressores."
310
+
311
+ #: admin.php:539 admin.php:554
312
+ msgid "Default:"
313
+ msgstr "Padrão: "
314
+
315
+ #: admin.php:578
316
+ msgid "must be >= '%s',"
317
+ msgstr "Deve ser: >= '%s', "
318
+
319
+ #: admin.php:579
320
+ msgid "so we used the default value instead."
321
+ msgstr "portanto, se o valor for omitido."
322
+
323
+ #: admin.php:612
324
+ msgid "must be an integer,"
325
+ msgstr "precisa ser um número inteiro,"
326
+
327
+ #: admin.php:715
328
+ msgid "There may be cases where everyone's password should be reset."
329
+ msgstr "Pode haver casos onde a senha de todos devam ser repostas."
330
+
331
+ #: admin.php:717
332
+ msgid "This page, provided by the %s plugin, offers that functionality."
333
+ msgstr "Esta página, fornecida pelo plugin %s, oferece essa funcionalidade."
334
+
335
+ #: admin.php:721
336
+ msgid ""
337
+ "Submitting this form sets a flag that forces all users to utilize WordPress' "
338
+ "built in password reset functionality."
339
+ msgstr ""
340
+ "Enviar este formulário, define um sinalizador que obriga todos os usuários "
341
+ "que utilizam a plataforma WordPress em se concientizar que esse foi "
342
+ "construído com funcionalidades de redefinição de senha."
343
+
344
+ #: admin.php:723
345
+ msgid ""
346
+ "Users who are presently logged in will be logged out the next time they view "
347
+ "a page that requires authentication."
348
+ msgstr ""
349
+ "Serão desconectados, os usuários que estão atualmente conectados, em uma "
350
+ "próxima vez que visualizar uma página que requeira autenticação."
351
+
352
+ #: admin.php:735
353
+ msgid ""
354
+ "Confirm that you want to force all users to change their passwords by "
355
+ "checking this box, then click the button, below."
356
+ msgstr ""
357
+ "Confirme aqui que você deseja forçar todos os usuários que alterem suas "
358
+ "senhas, marcando esta caixa, em seguida, clique no botão abaixo."
359
+
360
+ #: admin.php:754
361
+ msgid "No thanks. I know what I'm doing. Please don't remind me about this."
362
+ msgstr ""
363
+ "Não, obrigado! Eu sei o que estou fazendo. Por favor, não me lembre sobre "
364
+ "isso."
365
+
366
+ #: admin.php:786
367
+ msgid ""
368
+ "You have checked a box that does not correspond with the button you pressed. "
369
+ "Please check and press buttons inside the same section."
370
+ msgstr ""
371
+ "Se você encontrar uma caixa de seleção marcada que não corresponda, ou um "
372
+ "botão pressionado que você não tenha apertado. Por favor, verifique "
373
+ "corrigindo, ou pressione os botões dentro da mesma seção."
374
+
375
+ #: admin.php:788
376
+ msgid ""
377
+ "Please confirm that you really want to do this. Put a check in the '%s' box "
378
+ "before hitting the submit button."
379
+ msgstr ""
380
+ "Por favor, confirme que você realmente quer fazer isso. Coloque uma "
381
+ "verificação na '%s' caixa de seleção (Não, obrigado!), antes de clicar no "
382
+ "botão enviar."
383
+
384
+ # Translation from WordPress.
385
+ #: admin.php:804 admin.php:824
386
+ msgid "Success!"
387
+ msgstr ""
388
+
389
+ #: admin.php:856
390
+ msgid ""
391
+ "WARNING: The site is in maintenance mode. DO NOT TOUCH ANYTHING! Your "
392
+ "changes may get overwritten!"
393
+ msgstr ""
394
+ "Aviso: O site está em modo de manutenção. NÃO TOQUE EM NADA! As suas "
395
+ "alterações podem ser sobrescritas!"
396
+
397
+ #: admin.php:880
398
+ msgid ""
399
+ "You have not asked your users to change their passwords since the plugin was "
400
+ "activated. Most users have weak passwords. This plugin's password policies "
401
+ "protect your site from brute force attacks. Please improve security for "
402
+ "everyone on the Internet by making all users pick new, strong, passwords."
403
+ msgstr ""
404
+ "Você não pediu que os usuários alterem suas senhas desde que o plugin foi "
405
+ "ativado. A maioria dos usuários têm senhas fracas. Este plugin têm as "
406
+ "políticas de proteger seu site contra ataques de força bruta de qualquer "
407
+ "natureza. Por favor, melhore a segurança para todos na Internet, fazendo com "
408
+ "que todos os usuários escolham senhas novas e fortes."
409
+
410
+ #: admin.php:884
411
+ msgid ""
412
+ "Speaking of which, do YOU have a strong password? Make sure by changing "
413
+ "yours too."
414
+ msgstr ""
415
+ "Falando nisso, VOCÊ tem uma senha forte? Certifique-se alterando a sua "
416
+ "também."
417
+
418
+ #: admin.php:888
419
+ msgid ""
420
+ "The following link leads to a user interface where you can either require "
421
+ "all passwords to be reset or disable this notice."
422
+ msgstr ""
423
+ "O link a seguir conduz à uma interface de usuário onde você pode exigir que "
424
+ "todas as senhas sejam redefinidas ou desativar este aviso."
425
+
426
+ # Translation from WordPress.
427
+ #: admin.php:918
428
+ msgid "You do not have sufficient permissions to access this page."
429
+ msgstr ""
430
+
431
+ #: admin.php:924
432
+ msgid "$user_ID variable not set. Another plugin is misbehaving."
433
+ msgstr ""
434
+ "$user_ID variável não definida. Um outro plugin está se comportando mal."
435
+
436
+ #: login-security-solution.php:523 tests/LoginErrorsTest.php:97
437
+ #: tests/LoginErrorsTest.php:111
438
+ msgid "Invalid username or password."
439
+ msgstr "Nome de usuário ou senha inválido."
440
+
441
+ # Translation from WordPress.
442
+ #: login-security-solution.php:529 tests/LoginErrorsTest.php:125
443
+ #: tests/LoginErrorsTest.php:139
444
+ msgid "Password reset is not allowed for this user"
445
+ msgstr ""
446
+
447
+ #: login-security-solution.php:554 tests/LoginMessageTest.php:66
448
+ msgid "It has been over %d minutes since your last action."
449
+ msgstr "Já faz mais de %d minutos desde a sua última ação."
450
+
451
+ #: login-security-solution.php:555 tests/LoginMessageTest.php:67
452
+ msgid "Please log back in."
453
+ msgstr "Por favor efetue login para entrar novamente."
454
+
455
+ #: login-security-solution.php:558 tests/LoginMessageTest.php:77
456
+ msgid "The grace period for changing your password has expired."
457
+ msgstr "O período de tolerância para você mudar a sua senha expirou."
458
+
459
+ #: login-security-solution.php:559 tests/LoginMessageTest.php:78
460
+ msgid "Please submit this form to reset your password."
461
+ msgstr ""
462
+ "Para redefinir a sua senha, por favor, preencha e envie este formulário."
463
+
464
+ #: login-security-solution.php:562 tests/LoginMessageTest.php:88
465
+ msgid "Your password must be reset."
466
+ msgstr "Sua senha deve ser redefinida."
467
+
468
+ #: login-security-solution.php:563 tests/LoginMessageTest.php:89
469
+ msgid "Please submit this form to reset it."
470
+ msgstr "Por favor envie este formulário para redefini-la."
471
+
472
+ #: login-security-solution.php:566 tests/LoginMessageTest.php:104
473
+ msgid "Your password has expired. Please log and change it."
474
+ msgstr "Sua senha expirou. Por favor, efetue login para alterar."
475
+
476
+ #: login-security-solution.php:567 tests/LoginMessageTest.php:105
477
+ msgid "We provide a %d minute grace period to do so."
478
+ msgstr ""
479
+ "Nós fornecemos um período de tolerância de %d minutos para você fazer isso."
480
+
481
+ #: login-security-solution.php:570 tests/LoginMessageTest.php:115
482
+ msgid "The password you tried to create is not secure. Please try again."
483
+ msgstr ""
484
+ "A senha que você tentou criar não é segura. Por favor, tente novamente, "
485
+ "elevando o grau de complexidade."
486
+
487
+ #: login-security-solution.php:576 tests/LoginMessageTest.php:129
488
+ #: tests/LoginMessageTest.php:144
489
+ msgid "The site is undergoing maintenance."
490
+ msgstr "O site neste instante, está passando por manutenção."
491
+
492
+ #: login-security-solution.php:577 tests/LoginMessageTest.php:130
493
+ #: tests/LoginMessageTest.php:145
494
+ msgid "Please try again later."
495
+ msgstr "Por favor, tente novamente mais tarde."
496
+
497
+ #: login-security-solution.php:651
498
+ msgid ""
499
+ "The password should either be: A) at least %d characters long and contain "
500
+ "upper and lower case letters (except languages that only have one case) plus "
501
+ "numbers and punctuation, or B) at least %d characters long. The password can "
502
+ "not contain words related to you or this website."
503
+ msgstr ""
504
+ "A senha deve conter as seguintes especificações, para maior segurança: A) "
505
+ "pelo menos, %d caracteres de comprimento e conter letras MAIÚSCULAS e "
506
+ "minúsculas (exceto idiomas que têm apenas um caso), além de números e sinais "
507
+ "de pontuação, ou B) pelo menos a quantidade de %d caracteres de comprimento. "
508
+ "A senha não pode conter palavras relacionadas a você ou a este site."
509
+
510
+ #: login-security-solution.php:690 tests/PasswordChangeTest.php:277
511
+ msgid "Passwords can not be reused."
512
+ msgstr "As senhas não podem ser reutilizadas."
513
+
514
+ # Translation from WordPress.
515
+ #: login-security-solution.php:894
516
+ msgid "ERROR"
517
+ msgstr ""
518
+
519
+ #: login-security-solution.php:1031
520
+ msgid ""
521
+ "\n"
522
+ "Component Count Value from Current Attempt\n"
523
+ "------------------------ ----- --------------------------------\n"
524
+ "Network IP %5d %s\n"
525
+ "Username %5d %s\n"
526
+ "Password MD5 %5d %s\n"
527
+ msgstr ""
528
+ "\n"
529
+ "Componente o valor é Valor da tentativa atual\n"
530
+ "------------------------ ----- --------------------------------\n"
531
+ "O IP da rede %5d %s\n"
532
+ "Nome do usuário %5d %s\n"
533
+ "Senha MD5 %5d %s\n"
534
+
535
+ #: login-security-solution.php:1848
536
+ msgid "POTENTIAL INTRUSION AT %s"
537
+ msgstr "INVASÃO EM POTENCIAL %s"
538
+
539
+ #: login-security-solution.php:1852
540
+ msgid "Your website, %s, may have been broken in to."
541
+ msgstr "Seu website,%s, pode ter sido arrombado e invadido."
542
+
543
+ #: login-security-solution.php:1855
544
+ msgid ""
545
+ "Someone just logged in using the following components. Prior to that, some "
546
+ "combination of those components were a part of %d failed attempts to log in "
547
+ "during the past %d minutes:"
548
+ msgstr ""
549
+ "Alguém acabou logado com os seguintes componentes. Antes disso, uma "
550
+ "combinação desses componentes eram uma parte de %d tentativas para iniciar "
551
+ "sessão durante os últimos %d minutos:"
552
+
553
+ #: login-security-solution.php:1861
554
+ msgid ""
555
+ "The user's current IP address is one they have verified with your site in "
556
+ "the past. Therefore, the user will NOT be required to confirm their "
557
+ "identity via the password reset process. An email will be sent to them, "
558
+ "just in case this actually was a breach."
559
+ msgstr ""
560
+ "O utilizador atual já teve o seu endereço IP verificado anteriormente. "
561
+ "Portanto, o usuário não será obrigado a confirmar sua identidade através do "
562
+ "processo de redefinição de senha. Um e-mail será enviado para ele, apenas no "
563
+ "caso de se tratar realmente de uma violação."
564
+
565
+ #: login-security-solution.php:1863
566
+ msgid ""
567
+ "The user has been logged out and will be required to confirm their identity "
568
+ "via the password reset functionality."
569
+ msgstr ""
570
+ "O usuário foi desconectado e será obrigado a confirmar sua identidade "
571
+ "através da funcionalidade de redefinição de senha."
572
+
573
+ #: login-security-solution.php:1866
574
+ msgid "This message is from the %s plugin (%s) for WordPress."
575
+ msgstr ""
576
+ "Esta mensagem é proveniente do plugin Login Security Solution (%s) do seu "
577
+ "WordPress."
578
+
579
+ #: login-security-solution.php:1888
580
+ msgid "VERIFY YOU LOGGED IN TO %s"
581
+ msgstr "VERIFIQUE SE VOCÊ ESTÁ CONECTADO PARA %s"
582
+
583
+ #: login-security-solution.php:1892
584
+ msgid ""
585
+ "Someone just logged into your '%s' account at %s. Was it you that logged "
586
+ "in? We are asking because the site happens to be under attack at the moment."
587
+ msgstr ""
588
+ "Alguém acaba de se conectar em sua conta '%s'. Foi você que se conectou %s? "
589
+ "Estamos perguntando porque o site pode estar sob ataque neste momento"
590
+
591
+ #: login-security-solution.php:1894
592
+ msgid "If it was NOT YOU, please do the following right away:"
593
+ msgstr "Se NÃO é VOCÊ, por favor, faça o seguinte de imediato:"
594
+
595
+ #: login-security-solution.php:1895
596
+ msgid " 1) Log into the site and change your password."
597
+ msgstr " 1) Efetue login no site e altere a sua senha."
598
+
599
+ #: login-security-solution.php:1896
600
+ msgid " 2) Send an email to %s letting them know it was not you who logged in."
601
+ msgstr ""
602
+ " 2) Enviar um e-mail para %s, deixando que ele saiba que não foi você que "
603
+ "fez o acesso."
604
+
605
+ #: login-security-solution.php:1898
606
+ msgid ""
607
+ "If it WAS YOU, future hassles can be reduced by logging into the site, going "
608
+ "to your profile page, and clicking the '%s' button. The site will remember "
609
+ "your IP address as being legitimate."
610
+ msgstr ""
611
+ "Se FOI VOCÊ, pode ser reduzido os aborrecimentos futuros para entrar no "
612
+ "site, vá para página do seu prefil e clique no botão '%s'. O site vai se "
613
+ "lembrar do seu endereço IP como sendo legítimo."
614
+
615
+ # Translation from WordPress.
616
+ #: login-security-solution.php:1898
617
+ msgid "Update Profile"
618
+ msgstr ""
619
+
620
+ #: login-security-solution.php:1924
621
+ msgid "ATTACK HAPPENING TO %s"
622
+ msgstr "ATAQUE ACONTECENDO NO %s"
623
+
624
+ #: login-security-solution.php:1928
625
+ msgid "Your website, %s, is undergoing a brute force attack."
626
+ msgstr "Seu website, %s, está passando por um ataque de força bruta."
627
+
628
+ #: login-security-solution.php:1931
629
+ msgid ""
630
+ "There have been at least %d failed attempts to log in during the past %d "
631
+ "minutes that used one or more of the following components:"
632
+ msgstr ""
633
+ "Houve pelo menos %d tentativas para iniciar sessão durante os últimos %d "
634
+ "minutos, que usaram um ou mais dos seguintes componentes:"
635
+
636
+ #: login-security-solution.php:1936
637
+ msgid ""
638
+ "The %s plugin (%s) for WordPress is repelling the attack by making their "
639
+ "login failures take a very long time."
640
+ msgstr ""
641
+ "O plugin %s (%s) para o WordPress está repelindo ao ataque de força bruta, "
642
+ "na tentativa de descobrir o seu login, fazendo demorar um tempo muito longo "
643
+ "entre as falhas."
644
+
645
+ #: login-security-solution.php:2337 tests/PasswordValidationTest.php:483
646
+ msgid "Password not set."
647
+ msgstr "A senha não está definida."
648
+
649
+ #: login-security-solution.php:2352 tests/PasswordValidationTest.php:494
650
+ msgid "Passwords must be strings."
651
+ msgstr "As senhas devem ser seqüências de caracteres."
652
+
653
+ #: login-security-solution.php:2370 tests/PasswordValidationTest.php:507
654
+ msgid "Passwords must use ASCII characters."
655
+ msgstr "As senhas devem usar caracteres ASCII."
656
+
657
+ #: login-security-solution.php:2389 tests/PasswordChangeTest.php:310
658
+ #: tests/PasswordValidationTest.php:524 tests/PasswordValidationTest.php:538
659
+ msgid "Password is too short."
660
+ msgstr "A senha é muito curta."
661
+
662
+ #: login-security-solution.php:2398 tests/PasswordValidationTest.php:564
663
+ msgid "Passwords must either contain numbers or be %d characters long."
664
+ msgstr ""
665
+ "As senhas devem conter números ou estar %d num conjunto de caracteres longo."
666
+
667
+ #: login-security-solution.php:2407 tests/PasswordValidationTest.php:551
668
+ msgid ""
669
+ "Passwords must either contain punctuation marks / symbols or be %d "
670
+ "characters long."
671
+ msgstr ""
672
+ "As senhas devem conter sinais de pontuação/símbolos ou estar %d num conjunto "
673
+ "de caracteres longo."
674
+
675
+ #: login-security-solution.php:2416 tests/PasswordValidationTest.php:577
676
+ msgid ""
677
+ "Passwords must either contain upper-case and lower-case letters or be %d "
678
+ "characters long."
679
+ msgstr ""
680
+ "As senhas devem conter letras maiúsculas e minúsculas ou estar %d num "
681
+ "conjunto de caracteres longo."
682
+
683
+ #: login-security-solution.php:2426 tests/PasswordValidationTest.php:590
684
+ msgid "Passwords can't be sequential keys."
685
+ msgstr ""
686
+ "As senhas não podem ser chaves seqüenciais (repetição do mesmo número, "
687
+ "pontuação, letra etc.)."
688
+
689
+ #: login-security-solution.php:2435 tests/PasswordValidationTest.php:603
690
+ msgid "Passwords can't have that many sequential characters."
691
+ msgstr "As senhas não podem ter muitos caracteres iguais e em seqüenciais."
692
+
693
+ #: login-security-solution.php:2451 tests/PasswordValidationTest.php:616
694
+ #: tests/PasswordValidationTest.php:629
695
+ msgid "Passwords can't contain user data."
696
+ msgstr "As senhas não podem conter dados pessoais do usuário."
697
+
698
+ #: login-security-solution.php:2462 tests/PasswordValidationTest.php:642
699
+ msgid "Passwords can't contain site info."
700
+ msgstr "As senhas não podem conter informações do site."
701
+
702
+ #: login-security-solution.php:2471 tests/PasswordValidationTest.php:655
703
+ msgid "Password is too common."
704
+ msgstr "A senha não pode ser muito comum."
705
+
706
+ #: login-security-solution.php:2480 tests/PasswordValidationTest.php:671
707
+ msgid "Passwords can't be variations of dictionary words."
708
+ msgstr ""
709
+ "As senhas não podem ser variações de palavras de dicionários, seja ele qual "
710
+ "for."
711
+
712
+ #. Plugin Name of the plugin/theme
713
+ msgid "Login Security Solution"
714
+ msgstr "Login Security Solution"
715
+
716
+ #. Plugin URI of the plugin/theme
717
+ msgid "http://wordpress.org/extend/plugins/login-security-solution/"
718
+ msgstr "http://wordpress.org/extend/plugins/login-security-solution/"
719
+
720
+ #. Description of the plugin/theme
721
+ msgid ""
722
+ "Requires very strong passwords, repels brute force login attacks, prevents "
723
+ "login information disclosures, expires idle sessions, notifies admins of "
724
+ "attacks and breaches, permits administrators to disable logins for "
725
+ "maintenance or emergency reasons and reset all passwords."
726
+ msgstr ""
727
+ "Exige senhas muito fortes, repele ataques de login por força bruta, impede a "
728
+ "divulgação de informações de login, expira ( encerra) as sessões ociosas, "
729
+ "notifica (por e-mail) os administradores de ataques e violações, permite aos "
730
+ "administradores desabilitar logins por razões de manutenção, ou por uma "
731
+ "emergência qualquer e redefinir (alterar) todas as senhas em prazo "
732
+ "predeterminado."
733
+
734
+ #. Author of the plugin/theme
735
+ msgid "Daniel Convissor"
736
+ msgstr "Daniel Convissor"
737
+
738
+ #. Author URI of the plugin/theme
739
+ msgid "http://www.analysisandsolutions.com/"
740
+ msgstr "http://www.analysisandsolutions.com/"
languages/login-security-solution.pot CHANGED
@@ -2,10 +2,10 @@
2
  # This file is distributed under the same license as the Login Security Solution package.
3
  msgid ""
4
  msgstr ""
5
- "Project-Id-Version: Login Security Solution 0.26.0\n"
6
  "Report-Msgid-Bugs-To: http://wordpress.org/support/plugin/login-security-"
7
  "solution\n"
8
- "POT-Creation-Date: 2012-09-01 11:42:28+00:00\n"
9
  "MIME-Version: 1.0\n"
10
  "Content-Type: text/plain; charset=UTF-8\n"
11
  "Content-Transfer-Encoding: 8bit\n"
@@ -13,7 +13,7 @@ msgstr ""
13
  "Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
14
  "Language-Team: LANGUAGE <LL@li.org>\n"
15
 
16
- #: admin.php:112 admin.php:362
17
  msgid "Settings"
18
  msgstr ""
19
 
@@ -197,124 +197,124 @@ msgid ""
197
  "disables this feature."
198
  msgstr ""
199
 
200
- #: admin.php:405
201
  msgid "Login Failure Policies"
202
  msgstr ""
203
 
204
- #: admin.php:411
205
  msgid "Password Policies"
206
  msgstr ""
207
 
208
- #: admin.php:417
209
  msgid "Miscellaneous Policies"
210
  msgstr ""
211
 
212
- #: admin.php:467
213
  msgid ""
214
  "This plugin stores the IP address, username and password for each failed log "
215
  "in attempt."
216
  msgstr ""
217
 
218
- #: admin.php:469
219
  msgid ""
220
  "The data from future login failures are compared against the historical data."
221
  msgstr ""
222
 
223
- #: admin.php:471
224
  msgid ""
225
  "If any of the data points match, the plugin delays printing out the failure "
226
  "message."
227
  msgstr ""
228
 
229
- #: admin.php:473
230
  msgid ""
231
  "The goal is for the responses to take so long that the attackers give up and "
232
  "go find an easier target."
233
  msgstr ""
234
 
235
- #: admin.php:475
236
  msgid "The length of the delay is broken up into three tiers."
237
  msgstr ""
238
 
239
- #: admin.php:477
240
  msgid "The amount of the delay increases in higher tiers."
241
  msgstr ""
242
 
243
- #: admin.php:479
244
  msgid ""
245
  "The delay time within each tier is randomized to complicate profiling by "
246
  "attackers."
247
  msgstr ""
248
 
249
- #: admin.php:538 admin.php:553
250
  msgid "Default:"
251
  msgstr ""
252
 
253
- #: admin.php:577
254
  msgid "must be >= '%s',"
255
  msgstr ""
256
 
257
- #: admin.php:578
258
  msgid "so we used the default value instead."
259
  msgstr ""
260
 
261
- #: admin.php:611
262
  msgid "must be an integer,"
263
  msgstr ""
264
 
265
- #: admin.php:714
266
  msgid "There may be cases where everyone's password should be reset."
267
  msgstr ""
268
 
269
- #: admin.php:716
270
  msgid "This page, provided by the %s plugin, offers that functionality."
271
  msgstr ""
272
 
273
- #: admin.php:720
274
  msgid ""
275
  "Submitting this form sets a flag that forces all users to utilize WordPress' "
276
  "built in password reset functionality."
277
  msgstr ""
278
 
279
- #: admin.php:722
280
  msgid ""
281
  "Users who are presently logged in will be logged out the next time they view "
282
  "a page that requires authentication."
283
  msgstr ""
284
 
285
- #: admin.php:734
286
  msgid ""
287
  "Confirm that you want to force all users to change their passwords by "
288
  "checking this box, then click the button, below."
289
  msgstr ""
290
 
291
- #: admin.php:753
292
  msgid "No thanks. I know what I'm doing. Please don't remind me about this."
293
  msgstr ""
294
 
295
- #: admin.php:785
296
  msgid ""
297
  "You have checked a box that does not correspond with the button you pressed. "
298
  "Please check and press buttons inside the same section."
299
  msgstr ""
300
 
301
- #: admin.php:787
302
  msgid ""
303
  "Please confirm that you really want to do this. Put a check in the '%s' box "
304
  "before hitting the submit button."
305
  msgstr ""
306
 
307
- #: admin.php:803 admin.php:823
308
  msgid "Success!"
309
  msgstr ""
310
 
311
- #: admin.php:855
312
  msgid ""
313
  "WARNING: The site is in maintenance mode. DO NOT TOUCH ANYTHING! Your "
314
  "changes may get overwritten!"
315
  msgstr ""
316
 
317
- #: admin.php:879
318
  msgid ""
319
  "You have not asked your users to change their passwords since the plugin was "
320
  "activated. Most users have weak passwords. This plugin's password policies "
@@ -322,83 +322,83 @@ msgid ""
322
  "everyone on the Internet by making all users pick new, strong, passwords."
323
  msgstr ""
324
 
325
- #: admin.php:883
326
  msgid ""
327
  "Speaking of which, do YOU have a strong password? Make sure by changing "
328
  "yours too."
329
  msgstr ""
330
 
331
- #: admin.php:887
332
  msgid ""
333
  "The following link leads to a user interface where you can either require "
334
  "all passwords to be reset or disable this notice."
335
  msgstr ""
336
 
337
- #: admin.php:917
338
  msgid "You do not have sufficient permissions to access this page."
339
  msgstr ""
340
 
341
- #: admin.php:923
342
  msgid "$user_ID variable not set. Another plugin is misbehaving."
343
  msgstr ""
344
 
345
- #: login-security-solution.php:516 tests/LoginErrorsTest.php:97
346
  #: tests/LoginErrorsTest.php:111
347
  msgid "Invalid username or password."
348
  msgstr ""
349
 
350
- #: login-security-solution.php:522 tests/LoginErrorsTest.php:125
351
  #: tests/LoginErrorsTest.php:139
352
  msgid "Password reset is not allowed for this user"
353
  msgstr ""
354
 
355
- #: login-security-solution.php:547 tests/LoginMessageTest.php:66
356
  msgid "It has been over %d minutes since your last action."
357
  msgstr ""
358
 
359
- #: login-security-solution.php:548 tests/LoginMessageTest.php:67
360
  msgid "Please log back in."
361
  msgstr ""
362
 
363
- #: login-security-solution.php:551 tests/LoginMessageTest.php:77
364
  msgid "The grace period for changing your password has expired."
365
  msgstr ""
366
 
367
- #: login-security-solution.php:552 tests/LoginMessageTest.php:78
368
  msgid "Please submit this form to reset your password."
369
  msgstr ""
370
 
371
- #: login-security-solution.php:555 tests/LoginMessageTest.php:88
372
  msgid "Your password must be reset."
373
  msgstr ""
374
 
375
- #: login-security-solution.php:556 tests/LoginMessageTest.php:89
376
  msgid "Please submit this form to reset it."
377
  msgstr ""
378
 
379
- #: login-security-solution.php:559 tests/LoginMessageTest.php:104
380
  msgid "Your password has expired. Please log and change it."
381
  msgstr ""
382
 
383
- #: login-security-solution.php:560 tests/LoginMessageTest.php:105
384
  msgid "We provide a %d minute grace period to do so."
385
  msgstr ""
386
 
387
- #: login-security-solution.php:563 tests/LoginMessageTest.php:115
388
  msgid "The password you tried to create is not secure. Please try again."
389
  msgstr ""
390
 
391
- #: login-security-solution.php:569 tests/LoginMessageTest.php:129
392
  #: tests/LoginMessageTest.php:144
393
  msgid "The site is undergoing maintenance."
394
  msgstr ""
395
 
396
- #: login-security-solution.php:570 tests/LoginMessageTest.php:130
397
  #: tests/LoginMessageTest.php:145
398
  msgid "Please try again later."
399
  msgstr ""
400
 
401
- #: login-security-solution.php:644
402
  msgid ""
403
  "The password should either be: A) at least %d characters long and contain "
404
  "upper and lower case letters (except languages that only have one case) plus "
@@ -406,19 +406,15 @@ msgid ""
406
  "not contain words related to you or this website."
407
  msgstr ""
408
 
409
- #: login-security-solution.php:645
410
- msgid "(Why is this necessary?)"
411
- msgstr ""
412
-
413
- #: login-security-solution.php:679 tests/PasswordChangeTest.php:277
414
  msgid "Passwords can not be reused."
415
  msgstr ""
416
 
417
- #: login-security-solution.php:854
418
  msgid "ERROR"
419
  msgstr ""
420
 
421
- #: login-security-solution.php:991
422
  msgid ""
423
  "\n"
424
  "Component Count Value from Current Attempt\n"
@@ -428,22 +424,22 @@ msgid ""
428
  "Password MD5 %5d %s\n"
429
  msgstr ""
430
 
431
- #: login-security-solution.php:1807 login-security-solution.php:1844
432
  msgid "POTENTIAL INTRUSION AT %s"
433
  msgstr ""
434
 
435
- #: login-security-solution.php:1811
436
  msgid "Your website, %s, may have been broken in to."
437
  msgstr ""
438
 
439
- #: login-security-solution.php:1814
440
  msgid ""
441
  "Someone just logged in using the following components. Prior to that, some "
442
  "combination of those components were a part of %d failed attempts to log in "
443
  "during the past %d minutes:"
444
  msgstr ""
445
 
446
- #: login-security-solution.php:1820
447
  msgid ""
448
  "The user's current IP address is one they have verified with your site in "
449
  "the past. Therefore, the user will NOT be required to confirm their "
@@ -451,105 +447,124 @@ msgid ""
451
  "just in case this actually was a breach."
452
  msgstr ""
453
 
454
- #: login-security-solution.php:1822
455
  msgid ""
456
  "The user has been logged out and will be required to confirm their identity "
457
  "via the password reset functionality."
458
  msgstr ""
459
 
460
- #: login-security-solution.php:1848
 
 
 
 
 
 
 
 
461
  msgid ""
462
  "Someone just logged into your '%s' account at %s. Was it you that logged "
463
- "in? We are asking because the site is being attacked."
 
 
 
 
464
  msgstr ""
465
 
466
- #: login-security-solution.php:1849
467
- msgid "IF IT WAS NOT YOU, please do the following right away:"
468
  msgstr ""
469
 
470
- #: login-security-solution.php:1850
471
- msgid "1) Log into %s and change your password."
 
 
 
 
 
 
 
472
  msgstr ""
473
 
474
- #: login-security-solution.php:1851
475
- msgid "2) Send an email to %s letting them know it was not you who logged in."
476
  msgstr ""
477
 
478
- #: login-security-solution.php:1877
479
  msgid "ATTACK HAPPENING TO %s"
480
  msgstr ""
481
 
482
- #: login-security-solution.php:1881
483
  msgid "Your website, %s, is undergoing a brute force attack."
484
  msgstr ""
485
 
486
- #: login-security-solution.php:1884
487
  msgid ""
488
  "There have been at least %d failed attempts to log in during the past %d "
489
  "minutes that used one or more of the following components:"
490
  msgstr ""
491
 
492
- #: login-security-solution.php:1889
493
  msgid ""
494
- "The %s plugin for WordPress is repelling the attack by making their login "
495
- "failures take a very long time."
496
  msgstr ""
497
 
498
- #: login-security-solution.php:2296 tests/PasswordValidationTest.php:483
499
  msgid "Password not set."
500
  msgstr ""
501
 
502
- #: login-security-solution.php:2311 tests/PasswordValidationTest.php:494
503
  msgid "Passwords must be strings."
504
  msgstr ""
505
 
506
- #: login-security-solution.php:2329 tests/PasswordValidationTest.php:507
507
  msgid "Passwords must use ASCII characters."
508
  msgstr ""
509
 
510
- #: login-security-solution.php:2348 tests/PasswordChangeTest.php:310
511
  #: tests/PasswordValidationTest.php:524 tests/PasswordValidationTest.php:538
512
  msgid "Password is too short."
513
  msgstr ""
514
 
515
- #: login-security-solution.php:2357 tests/PasswordValidationTest.php:564
516
  msgid "Passwords must either contain numbers or be %d characters long."
517
  msgstr ""
518
 
519
- #: login-security-solution.php:2366 tests/PasswordValidationTest.php:551
520
  msgid ""
521
  "Passwords must either contain punctuation marks / symbols or be %d "
522
  "characters long."
523
  msgstr ""
524
 
525
- #: login-security-solution.php:2375 tests/PasswordValidationTest.php:577
526
  msgid ""
527
  "Passwords must either contain upper-case and lower-case letters or be %d "
528
  "characters long."
529
  msgstr ""
530
 
531
- #: login-security-solution.php:2385 tests/PasswordValidationTest.php:590
532
  msgid "Passwords can't be sequential keys."
533
  msgstr ""
534
 
535
- #: login-security-solution.php:2394 tests/PasswordValidationTest.php:603
536
  msgid "Passwords can't have that many sequential characters."
537
  msgstr ""
538
 
539
- #: login-security-solution.php:2410 tests/PasswordValidationTest.php:616
540
  #: tests/PasswordValidationTest.php:629
541
  msgid "Passwords can't contain user data."
542
  msgstr ""
543
 
544
- #: login-security-solution.php:2421 tests/PasswordValidationTest.php:642
545
  msgid "Passwords can't contain site info."
546
  msgstr ""
547
 
548
- #: login-security-solution.php:2430 tests/PasswordValidationTest.php:655
549
  msgid "Password is too common."
550
  msgstr ""
551
 
552
- #: login-security-solution.php:2439 tests/PasswordValidationTest.php:671
553
  msgid "Passwords can't be variations of dictionary words."
554
  msgstr ""
555
 
2
  # This file is distributed under the same license as the Login Security Solution package.
3
  msgid ""
4
  msgstr ""
5
+ "Project-Id-Version: Login Security Solution 0.28.0\n"
6
  "Report-Msgid-Bugs-To: http://wordpress.org/support/plugin/login-security-"
7
  "solution\n"
8
+ "POT-Creation-Date: 2012-09-15 02:40:36+00:00\n"
9
  "MIME-Version: 1.0\n"
10
  "Content-Type: text/plain; charset=UTF-8\n"
11
  "Content-Transfer-Encoding: 8bit\n"
13
  "Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
14
  "Language-Team: LANGUAGE <LL@li.org>\n"
15
 
16
+ #: admin.php:112 admin.php:363
17
  msgid "Settings"
18
  msgstr ""
19
 
197
  "disables this feature."
198
  msgstr ""
199
 
200
+ #: admin.php:406
201
  msgid "Login Failure Policies"
202
  msgstr ""
203
 
204
+ #: admin.php:412
205
  msgid "Password Policies"
206
  msgstr ""
207
 
208
+ #: admin.php:418
209
  msgid "Miscellaneous Policies"
210
  msgstr ""
211
 
212
+ #: admin.php:468
213
  msgid ""
214
  "This plugin stores the IP address, username and password for each failed log "
215
  "in attempt."
216
  msgstr ""
217
 
218
+ #: admin.php:470
219
  msgid ""
220
  "The data from future login failures are compared against the historical data."
221
  msgstr ""
222
 
223
+ #: admin.php:472
224
  msgid ""
225
  "If any of the data points match, the plugin delays printing out the failure "
226
  "message."
227
  msgstr ""
228
 
229
+ #: admin.php:474
230
  msgid ""
231
  "The goal is for the responses to take so long that the attackers give up and "
232
  "go find an easier target."
233
  msgstr ""
234
 
235
+ #: admin.php:476
236
  msgid "The length of the delay is broken up into three tiers."
237
  msgstr ""
238
 
239
+ #: admin.php:478
240
  msgid "The amount of the delay increases in higher tiers."
241
  msgstr ""
242
 
243
+ #: admin.php:480
244
  msgid ""
245
  "The delay time within each tier is randomized to complicate profiling by "
246
  "attackers."
247
  msgstr ""
248
 
249
+ #: admin.php:539 admin.php:554
250
  msgid "Default:"
251
  msgstr ""
252
 
253
+ #: admin.php:578
254
  msgid "must be >= '%s',"
255
  msgstr ""
256
 
257
+ #: admin.php:579
258
  msgid "so we used the default value instead."
259
  msgstr ""
260
 
261
+ #: admin.php:612
262
  msgid "must be an integer,"
263
  msgstr ""
264
 
265
+ #: admin.php:715
266
  msgid "There may be cases where everyone's password should be reset."
267
  msgstr ""
268
 
269
+ #: admin.php:717
270
  msgid "This page, provided by the %s plugin, offers that functionality."
271
  msgstr ""
272
 
273
+ #: admin.php:721
274
  msgid ""
275
  "Submitting this form sets a flag that forces all users to utilize WordPress' "
276
  "built in password reset functionality."
277
  msgstr ""
278
 
279
+ #: admin.php:723
280
  msgid ""
281
  "Users who are presently logged in will be logged out the next time they view "
282
  "a page that requires authentication."
283
  msgstr ""
284
 
285
+ #: admin.php:735
286
  msgid ""
287
  "Confirm that you want to force all users to change their passwords by "
288
  "checking this box, then click the button, below."
289
  msgstr ""
290
 
291
+ #: admin.php:754
292
  msgid "No thanks. I know what I'm doing. Please don't remind me about this."
293
  msgstr ""
294
 
295
+ #: admin.php:786
296
  msgid ""
297
  "You have checked a box that does not correspond with the button you pressed. "
298
  "Please check and press buttons inside the same section."
299
  msgstr ""
300
 
301
+ #: admin.php:788
302
  msgid ""
303
  "Please confirm that you really want to do this. Put a check in the '%s' box "
304
  "before hitting the submit button."
305
  msgstr ""
306
 
307
+ #: admin.php:804 admin.php:824
308
  msgid "Success!"
309
  msgstr ""
310
 
311
+ #: admin.php:856
312
  msgid ""
313
  "WARNING: The site is in maintenance mode. DO NOT TOUCH ANYTHING! Your "
314
  "changes may get overwritten!"
315
  msgstr ""
316
 
317
+ #: admin.php:880
318
  msgid ""
319
  "You have not asked your users to change their passwords since the plugin was "
320
  "activated. Most users have weak passwords. This plugin's password policies "
322
  "everyone on the Internet by making all users pick new, strong, passwords."
323
  msgstr ""
324
 
325
+ #: admin.php:884
326
  msgid ""
327
  "Speaking of which, do YOU have a strong password? Make sure by changing "
328
  "yours too."
329
  msgstr ""
330
 
331
+ #: admin.php:888
332
  msgid ""
333
  "The following link leads to a user interface where you can either require "
334
  "all passwords to be reset or disable this notice."
335
  msgstr ""
336
 
337
+ #: admin.php:918
338
  msgid "You do not have sufficient permissions to access this page."
339
  msgstr ""
340
 
341
+ #: admin.php:924
342
  msgid "$user_ID variable not set. Another plugin is misbehaving."
343
  msgstr ""
344
 
345
+ #: login-security-solution.php:523 tests/LoginErrorsTest.php:97
346
  #: tests/LoginErrorsTest.php:111
347
  msgid "Invalid username or password."
348
  msgstr ""
349
 
350
+ #: login-security-solution.php:529 tests/LoginErrorsTest.php:125
351
  #: tests/LoginErrorsTest.php:139
352
  msgid "Password reset is not allowed for this user"
353
  msgstr ""
354
 
355
+ #: login-security-solution.php:554 tests/LoginMessageTest.php:66
356
  msgid "It has been over %d minutes since your last action."
357
  msgstr ""
358
 
359
+ #: login-security-solution.php:555 tests/LoginMessageTest.php:67
360
  msgid "Please log back in."
361
  msgstr ""
362
 
363
+ #: login-security-solution.php:558 tests/LoginMessageTest.php:77
364
  msgid "The grace period for changing your password has expired."
365
  msgstr ""
366
 
367
+ #: login-security-solution.php:559 tests/LoginMessageTest.php:78
368
  msgid "Please submit this form to reset your password."
369
  msgstr ""
370
 
371
+ #: login-security-solution.php:562 tests/LoginMessageTest.php:88
372
  msgid "Your password must be reset."
373
  msgstr ""
374
 
375
+ #: login-security-solution.php:563 tests/LoginMessageTest.php:89
376
  msgid "Please submit this form to reset it."
377
  msgstr ""
378
 
379
+ #: login-security-solution.php:566 tests/LoginMessageTest.php:104
380
  msgid "Your password has expired. Please log and change it."
381
  msgstr ""
382
 
383
+ #: login-security-solution.php:567 tests/LoginMessageTest.php:105
384
  msgid "We provide a %d minute grace period to do so."
385
  msgstr ""
386
 
387
+ #: login-security-solution.php:570 tests/LoginMessageTest.php:115
388
  msgid "The password you tried to create is not secure. Please try again."
389
  msgstr ""
390
 
391
+ #: login-security-solution.php:576 tests/LoginMessageTest.php:129
392
  #: tests/LoginMessageTest.php:144
393
  msgid "The site is undergoing maintenance."
394
  msgstr ""
395
 
396
+ #: login-security-solution.php:577 tests/LoginMessageTest.php:130
397
  #: tests/LoginMessageTest.php:145
398
  msgid "Please try again later."
399
  msgstr ""
400
 
401
+ #: login-security-solution.php:651
402
  msgid ""
403
  "The password should either be: A) at least %d characters long and contain "
404
  "upper and lower case letters (except languages that only have one case) plus "
406
  "not contain words related to you or this website."
407
  msgstr ""
408
 
409
+ #: login-security-solution.php:690 tests/PasswordChangeTest.php:277
 
 
 
 
410
  msgid "Passwords can not be reused."
411
  msgstr ""
412
 
413
+ #: login-security-solution.php:894
414
  msgid "ERROR"
415
  msgstr ""
416
 
417
+ #: login-security-solution.php:1031
418
  msgid ""
419
  "\n"
420
  "Component Count Value from Current Attempt\n"
424
  "Password MD5 %5d %s\n"
425
  msgstr ""
426
 
427
+ #: login-security-solution.php:1848
428
  msgid "POTENTIAL INTRUSION AT %s"
429
  msgstr ""
430
 
431
+ #: login-security-solution.php:1852
432
  msgid "Your website, %s, may have been broken in to."
433
  msgstr ""
434
 
435
+ #: login-security-solution.php:1855
436
  msgid ""
437
  "Someone just logged in using the following components. Prior to that, some "
438
  "combination of those components were a part of %d failed attempts to log in "
439
  "during the past %d minutes:"
440
  msgstr ""
441
 
442
+ #: login-security-solution.php:1861
443
  msgid ""
444
  "The user's current IP address is one they have verified with your site in "
445
  "the past. Therefore, the user will NOT be required to confirm their "
447
  "just in case this actually was a breach."
448
  msgstr ""
449
 
450
+ #: login-security-solution.php:1863
451
  msgid ""
452
  "The user has been logged out and will be required to confirm their identity "
453
  "via the password reset functionality."
454
  msgstr ""
455
 
456
+ #: login-security-solution.php:1866
457
+ msgid "This message is from the %s plugin (%s) for WordPress."
458
+ msgstr ""
459
+
460
+ #: login-security-solution.php:1888
461
+ msgid "VERIFY YOU LOGGED IN TO %s"
462
+ msgstr ""
463
+
464
+ #: login-security-solution.php:1892
465
  msgid ""
466
  "Someone just logged into your '%s' account at %s. Was it you that logged "
467
+ "in? We are asking because the site happens to be under attack at the moment."
468
+ msgstr ""
469
+
470
+ #: login-security-solution.php:1894
471
+ msgid "If it was NOT YOU, please do the following right away:"
472
  msgstr ""
473
 
474
+ #: login-security-solution.php:1895
475
+ msgid " 1) Log into the site and change your password."
476
  msgstr ""
477
 
478
+ #: login-security-solution.php:1896
479
+ msgid " 2) Send an email to %s letting them know it was not you who logged in."
480
+ msgstr ""
481
+
482
+ #: login-security-solution.php:1898
483
+ msgid ""
484
+ "If it WAS YOU, future hassles can be reduced by logging into the site, going "
485
+ "to your profile page, and clicking the '%s' button. The site will remember "
486
+ "your IP address as being legitimate."
487
  msgstr ""
488
 
489
+ #: login-security-solution.php:1898
490
+ msgid "Update Profile"
491
  msgstr ""
492
 
493
+ #: login-security-solution.php:1924
494
  msgid "ATTACK HAPPENING TO %s"
495
  msgstr ""
496
 
497
+ #: login-security-solution.php:1928
498
  msgid "Your website, %s, is undergoing a brute force attack."
499
  msgstr ""
500
 
501
+ #: login-security-solution.php:1931
502
  msgid ""
503
  "There have been at least %d failed attempts to log in during the past %d "
504
  "minutes that used one or more of the following components:"
505
  msgstr ""
506
 
507
+ #: login-security-solution.php:1936
508
  msgid ""
509
+ "The %s plugin (%s) for WordPress is repelling the attack by making their "
510
+ "login failures take a very long time."
511
  msgstr ""
512
 
513
+ #: login-security-solution.php:2337 tests/PasswordValidationTest.php:483
514
  msgid "Password not set."
515
  msgstr ""
516
 
517
+ #: login-security-solution.php:2352 tests/PasswordValidationTest.php:494
518
  msgid "Passwords must be strings."
519
  msgstr ""
520
 
521
+ #: login-security-solution.php:2370 tests/PasswordValidationTest.php:507
522
  msgid "Passwords must use ASCII characters."
523
  msgstr ""
524
 
525
+ #: login-security-solution.php:2389 tests/PasswordChangeTest.php:310
526
  #: tests/PasswordValidationTest.php:524 tests/PasswordValidationTest.php:538
527
  msgid "Password is too short."
528
  msgstr ""
529
 
530
+ #: login-security-solution.php:2398 tests/PasswordValidationTest.php:564
531
  msgid "Passwords must either contain numbers or be %d characters long."
532
  msgstr ""
533
 
534
+ #: login-security-solution.php:2407 tests/PasswordValidationTest.php:551
535
  msgid ""
536
  "Passwords must either contain punctuation marks / symbols or be %d "
537
  "characters long."
538
  msgstr ""
539
 
540
+ #: login-security-solution.php:2416 tests/PasswordValidationTest.php:577
541
  msgid ""
542
  "Passwords must either contain upper-case and lower-case letters or be %d "
543
  "characters long."
544
  msgstr ""
545
 
546
+ #: login-security-solution.php:2426 tests/PasswordValidationTest.php:590
547
  msgid "Passwords can't be sequential keys."
548
  msgstr ""
549
 
550
+ #: login-security-solution.php:2435 tests/PasswordValidationTest.php:603
551
  msgid "Passwords can't have that many sequential characters."
552
  msgstr ""
553
 
554
+ #: login-security-solution.php:2451 tests/PasswordValidationTest.php:616
555
  #: tests/PasswordValidationTest.php:629
556
  msgid "Passwords can't contain user data."
557
  msgstr ""
558
 
559
+ #: login-security-solution.php:2462 tests/PasswordValidationTest.php:642
560
  msgid "Passwords can't contain site info."
561
  msgstr ""
562
 
563
+ #: login-security-solution.php:2471 tests/PasswordValidationTest.php:655
564
  msgid "Password is too common."
565
  msgstr ""
566
 
567
+ #: login-security-solution.php:2480 tests/PasswordValidationTest.php:671
568
  msgid "Passwords can't be variations of dictionary words."
569
  msgstr ""
570
 
login-security-solution.php CHANGED
@@ -6,7 +6,8 @@
6
  * Description: Requires very strong passwords, repels brute force login attacks, prevents login information disclosures, expires idle sessions, notifies admins of attacks and breaches, permits administrators to disable logins for maintenance or emergency reasons and reset all passwords.
7
  *
8
  * Plugin URI: http://wordpress.org/extend/plugins/login-security-solution/
9
- * Version: 0.27.0
 
10
  * Author: Daniel Convissor
11
  * Author URI: http://www.analysisandsolutions.com/
12
  * License: GPLv2
@@ -38,6 +39,11 @@ class login_security_solution {
38
  */
39
  const NAME = 'Login Security Solution';
40
 
 
 
 
 
 
41
  /**
42
  * This plugin's table name prefix
43
  * @var string
@@ -135,6 +141,12 @@ class login_security_solution {
135
  */
136
  protected $table_fail;
137
 
 
 
 
 
 
 
138
  /**
139
  * Our usermeta key for tracking when passwords were changed
140
  * @var string
@@ -191,6 +203,7 @@ class login_security_solution {
191
 
192
  add_action('login_form_resetpass', array(&$this, 'pw_policy_establish'));
193
 
 
194
  add_filter('login_errors', array(&$this, 'login_errors'));
195
  add_filter('login_message', array(&$this, 'login_message'));
196
 
@@ -204,12 +217,6 @@ class login_security_solution {
204
  add_action('auth_cookie_expired', array(&$this, 'auth_cookie_expired'));
205
  }
206
 
207
- if ($this->options['login_fail_breach_notify']
208
- || $this->options['login_fail_breach_pw_force_change'])
209
- {
210
- add_action('wp_login', array(&$this, 'wp_login'), 10, 2);
211
- }
212
-
213
  if (is_admin()) {
214
  $this->load_plugin_textdomain();
215
 
@@ -518,7 +525,7 @@ class login_security_solution {
518
 
519
  $codes_to_cloak = array('invalid_email', 'invalidcombo');
520
  if (array_intersect($error_codes, $codes_to_cloak)) {
521
- // This text is lifted directly from WordPress.
522
  return $this->hsc_utf8(__('Password reset is not allowed for this user'));
523
  }
524
 
@@ -665,8 +672,13 @@ class login_security_solution {
665
  * kosher
666
  * @uses login_security_solution::process_pw_metadata() to update user
667
  * metadata
 
668
  */
669
  public function user_profile_update_errors(&$errors, $update, $user) {
 
 
 
 
670
  if ($update) {
671
  if (empty($user->user_pass) || empty($user->ID)) {
672
  // Password is not being changed.
@@ -686,9 +698,6 @@ class login_security_solution {
686
  // Empty ID means an admin is adding a new user.
687
  if (!empty($user->ID) && !$errors->get_error_codes()) {
688
  $this->process_pw_metadata($user->ID, $user->user_pass);
689
- if ($user->ID == get_current_user_id()) {
690
- $this->save_verified_ip($user->ID, $this->get_ip());
691
- }
692
  }
693
 
694
  return $answer;
@@ -719,38 +728,48 @@ class login_security_solution {
719
  * @uses login_security_solution::set_pw_force_change() to keep atackers
720
  * from doing damage or changing the account's email address
721
  * @uses login_security_solution::notify_breach() to warn of the breach
 
722
  */
723
  public function wp_login($user_name, $user) {
724
  if (!$user_name) {
725
  return;
726
  }
727
- if (!$this->options['login_fail_breach_notify']
728
- && !$this->options['login_fail_breach_pw_force_change'])
729
- {
730
- return -1;
731
- }
732
 
733
  $ip = $this->get_ip();
734
  $network_ip = $this->get_network_ip($ip);
735
  $pass_md5 = $this->md5(empty($_POST['pwd']) ? '' : $_POST['pwd']);
736
 
737
  $return = 1;
 
738
  $fails = $this->get_login_fail($network_ip, $user_name, $pass_md5);
739
 
 
 
 
 
740
  /*
741
  * Keep legitimate users from having to repeatedly reset passwords
742
- * during active attacks against their user name (password ). Do this
743
- * if the user's current IP address is not involved with any of the
744
  * recent failed logins and the current IP address has been verified.
745
  */
746
- if (!$fails['network_ip']
747
  && in_array($ip, $this->get_verified_ips($user->ID)))
748
  {
 
 
 
 
749
  $return += 8;
750
  $verified_ip = true;
751
  } else {
 
752
  $verified_ip = false;
 
 
 
753
  }
 
754
 
755
  if ($this->options['login_fail_breach_pw_force_change']
756
  && $fails['total'] >= $this->options['login_fail_breach_pw_force_change']
@@ -762,18 +781,21 @@ class login_security_solution {
762
  }
763
 
764
  if ($this->options['login_fail_breach_notify']
765
- && $fails['total'] >= $this->options['login_fail_breach_notify'])
 
766
  {
767
- // Send this, even if IP is verified, just in case.
768
  ###$this->log("wp_login(): Breach notify.");
769
  $this->notify_breach($network_ip, $user_name, $pass_md5, $fails,
770
  $verified_ip);
771
- if ($verified_ip) {
772
- $this->notify_breach_user($user);
773
- }
774
  $return += 4;
775
  }
776
 
 
 
 
 
 
777
  return $return;
778
  }
779
 
@@ -781,6 +803,23 @@ class login_security_solution {
781
  * ===== INTERNAL METHODS ====
782
  */
783
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
784
  /**
785
  * Examines and manipulates password grace periods as needed
786
  *
@@ -850,6 +889,7 @@ class login_security_solution {
850
  * @return string
851
  */
852
  protected function err($message) {
 
853
  $error = $this->hsc_utf8(__("ERROR"));
854
  $message = $this->hsc_utf8($message);
855
  return "<strong>$error</strong>: $message";
@@ -1638,7 +1678,8 @@ Password MD5 %5d %s
1638
  if (!is_scalar($msg)) {
1639
  $msg = var_export($msg, true);
1640
  }
1641
- file_put_contents('/var/tmp/' . self::ID . '.log', "$msg\n", FILE_APPEND);
 
1642
  }
1643
 
1644
  /**
@@ -1816,11 +1857,14 @@ Password MD5 %5d %s
1816
  . $this->get_notify_counts($network_ip, $user_name, $pass_md5, $fails);
1817
 
1818
  if ($verified_ip) {
1819
- $message .= __("The user's current IP address is one they have verified with your site in the past. Therefore, the user will NOT be required to confirm their identity via the password reset process. An email will be sent to them, just in case this actually was a breach.", self::ID) . "\n";
1820
  } else {
1821
- $message .= __("The user has been logged out and will be required to confirm their identity via the password reset functionality.", self::ID) . "\n";
1822
  }
1823
 
 
 
 
1824
  return wp_mail($to, $subject, $message);
1825
  }
1826
 
@@ -1840,14 +1884,17 @@ Password MD5 %5d %s
1840
  $to = $this->sanitize_whitespace($user->user_email);
1841
 
1842
  $blog = get_option('blogname');
1843
- $subject = sprintf(__("POTENTIAL INTRUSION AT %s", self::ID), $blog);
1844
  $subject = $this->sanitize_whitespace($subject);
1845
 
1846
  $message =
1847
- sprintf(__("Someone just logged into your '%s' account at %s. Was it you that logged in? We are asking because the site is being attacked.", self::ID), $user->user_login, get_option('siteurl')) . "\n\n"
1848
- . __("IF IT WAS NOT YOU, please do the following right away:", self::ID) . "\n\n"
1849
- . sprintf(__("1) Log into %s and change your password.", self::ID), wp_login_url()) . "\n\n"
1850
- . sprintf(__("2) Send an email to %s letting them know it was not you who logged in.", self::ID), $this->get_admin_email()) . "\n";
 
 
 
1851
 
1852
  return wp_mail($to, $subject, $message);
1853
  }
@@ -1885,8 +1932,8 @@ Password MD5 %5d %s
1885
 
1886
  . $this->get_notify_counts($network_ip, $user_name, $pass_md5, $fails)
1887
 
1888
- . sprintf(__("The %s plugin for WordPress is repelling the attack by making their login failures take a very long time.", self::ID),
1889
- self::NAME) . "\n";
1890
 
1891
  return wp_mail($to, $subject, $message);
1892
  }
@@ -1907,6 +1954,7 @@ Password MD5 %5d %s
1907
  * @uses login_security_solution::get_login_fail() to see if
1908
  * they're over the limit
1909
  * @uses login_security_solution::notify_fail() to warn of an attack
 
1910
  */
1911
  protected function process_login_fail($user_name, $user_pass,
1912
  $close_db = true)
@@ -1932,14 +1980,7 @@ Password MD5 %5d %s
1932
  $this->notify_fail($network_ip, $user_name, $pass_md5, $fails);
1933
  }
1934
 
1935
- if ($fails['total'] < $this->options['login_fail_tier_2']) {
1936
- // Use random, overlapping sleep times to complicate profiling.
1937
- $sleep = rand(1, 7);
1938
- } elseif ($fails['total'] < $this->options['login_fail_tier_3']) {
1939
- $sleep = rand(4, 30);
1940
- } else {
1941
- $sleep = rand(25, 60);
1942
- }
1943
 
1944
  if (!defined('LOGIN_SECURITY_SOLUTION_TESTING')) {
1945
  if (is_multisite()) {
@@ -2044,7 +2085,7 @@ Password MD5 %5d %s
2044
  * @return string the cleaned string
2045
  */
2046
  protected function sanitize_whitespace($in) {
2047
- return preg_replace('/\s+/', ' ', $in);
2048
  }
2049
 
2050
  /**
@@ -2188,7 +2229,7 @@ Password MD5 %5d %s
2188
  * @return array
2189
  */
2190
  protected function split_types($in, $minimum = 3) {
2191
- $split = preg_split('/(?<=[^[:punct:]])([[:punct:]])|(?<=[^[:alpha:]])([[:alpha:]])|(?<=\D)(\d)/', $in, -1, PREG_SPLIT_OFFSET_CAPTURE|PREG_SPLIT_DELIM_CAPTURE|PREG_SPLIT_NO_EMPTY);
2192
 
2193
  $out = array();
2194
  if (!count($split)) {
6
  * Description: Requires very strong passwords, repels brute force login attacks, prevents login information disclosures, expires idle sessions, notifies admins of attacks and breaches, permits administrators to disable logins for maintenance or emergency reasons and reset all passwords.
7
  *
8
  * Plugin URI: http://wordpress.org/extend/plugins/login-security-solution/
9
+ * Version: 0.28.0
10
+ * (Remember to change the VERSION constant, below, as well!)
11
  * Author: Daniel Convissor
12
  * Author URI: http://www.analysisandsolutions.com/
13
  * License: GPLv2
39
  */
40
  const NAME = 'Login Security Solution';
41
 
42
+ /**
43
+ * This plugin's version
44
+ */
45
+ const VERSION = '0.28.0';
46
+
47
  /**
48
  * This plugin's table name prefix
49
  * @var string
141
  */
142
  protected $table_fail;
143
 
144
+ /**
145
+ * How many seconds would have been slept
146
+ * @var int
147
+ */
148
+ protected $test_sleep;
149
+
150
  /**
151
  * Our usermeta key for tracking when passwords were changed
152
  * @var string
203
 
204
  add_action('login_form_resetpass', array(&$this, 'pw_policy_establish'));
205
 
206
+ add_action('wp_login', array(&$this, 'wp_login'), 1, 2);
207
  add_filter('login_errors', array(&$this, 'login_errors'));
208
  add_filter('login_message', array(&$this, 'login_message'));
209
 
217
  add_action('auth_cookie_expired', array(&$this, 'auth_cookie_expired'));
218
  }
219
 
 
 
 
 
 
 
220
  if (is_admin()) {
221
  $this->load_plugin_textdomain();
222
 
525
 
526
  $codes_to_cloak = array('invalid_email', 'invalidcombo');
527
  if (array_intersect($error_codes, $codes_to_cloak)) {
528
+ // Translation already in WP.
529
  return $this->hsc_utf8(__('Password reset is not allowed for this user'));
530
  }
531
 
672
  * kosher
673
  * @uses login_security_solution::process_pw_metadata() to update user
674
  * metadata
675
+ * @uses login_security_solution::save_verified_ip() to store good IPs
676
  */
677
  public function user_profile_update_errors(&$errors, $update, $user) {
678
+ if (!empty($user->ID) && $user->ID == get_current_user_id()) {
679
+ $this->save_verified_ip($user->ID, $this->get_ip());
680
+ }
681
+
682
  if ($update) {
683
  if (empty($user->user_pass) || empty($user->ID)) {
684
  // Password is not being changed.
698
  // Empty ID means an admin is adding a new user.
699
  if (!empty($user->ID) && !$errors->get_error_codes()) {
700
  $this->process_pw_metadata($user->ID, $user->user_pass);
 
 
 
701
  }
702
 
703
  return $answer;
728
  * @uses login_security_solution::set_pw_force_change() to keep atackers
729
  * from doing damage or changing the account's email address
730
  * @uses login_security_solution::notify_breach() to warn of the breach
731
+ * @uses login_security_solution::calculate_sleep() to set sleep length
732
  */
733
  public function wp_login($user_name, $user) {
734
  if (!$user_name) {
735
  return;
736
  }
 
 
 
 
 
737
 
738
  $ip = $this->get_ip();
739
  $network_ip = $this->get_network_ip($ip);
740
  $pass_md5 = $this->md5(empty($_POST['pwd']) ? '' : $_POST['pwd']);
741
 
742
  $return = 1;
743
+ $sleep = 0;
744
  $fails = $this->get_login_fail($network_ip, $user_name, $pass_md5);
745
 
746
+ if (!$fails['total']) {
747
+ return $return;
748
+ }
749
+
750
  /*
751
  * Keep legitimate users from having to repeatedly reset passwords
752
+ * during active attacks against their user name (password). Do this
753
+ * if the user's current IP address is not involved with the
754
  * recent failed logins and the current IP address has been verified.
755
  */
756
+ if ($fails['network_ip'] <= $this->options['login_fail_breach_pw_force_change']
757
  && in_array($ip, $this->get_verified_ips($user->ID)))
758
  {
759
+ // Use <= instead of <, above, in case
760
+ // login_fail_breach_pw_force_change = 0.
761
+
762
+ ###$this->log("wp_login(): verified IP.");
763
  $return += 8;
764
  $verified_ip = true;
765
  } else {
766
+ ###$this->log("wp_login(): non-verified IP.");
767
  $verified_ip = false;
768
+ // Need to also slow down successful logins so attackers can't use
769
+ // short timeouts to skip the slowdowns from login failures.
770
+ $sleep = $this->calculate_sleep($fails['total']);
771
  }
772
+ $this->test_sleep = $sleep;
773
 
774
  if ($this->options['login_fail_breach_pw_force_change']
775
  && $fails['total'] >= $this->options['login_fail_breach_pw_force_change']
781
  }
782
 
783
  if ($this->options['login_fail_breach_notify']
784
+ && $fails['total'] >= $this->options['login_fail_breach_notify']
785
+ && !$verified_ip)
786
  {
 
787
  ###$this->log("wp_login(): Breach notify.");
788
  $this->notify_breach($network_ip, $user_name, $pass_md5, $fails,
789
  $verified_ip);
790
+ $this->notify_breach_user($user);
 
 
791
  $return += 4;
792
  }
793
 
794
+ if ($sleep && !defined('LOGIN_SECURITY_SOLUTION_TESTING')) {
795
+ ###$this->log("wp_login(): sleep for $sleep seconds.");
796
+ sleep($sleep);
797
+ }
798
+
799
  return $return;
800
  }
801
 
803
  * ===== INTERNAL METHODS ====
804
  */
805
 
806
+ /**
807
+ * Determines how long the current request should sleep() for
808
+ *
809
+ * @param int $fails_total how many falures have taken place
810
+ * @return int the number of seconds to sleep
811
+ */
812
+ protected function calculate_sleep($fails_total) {
813
+ if ($fails_total < $this->options['login_fail_tier_2']) {
814
+ // Use random, overlapping sleep times to complicate profiling.
815
+ return rand(1, 7);
816
+ } elseif ($fails_total < $this->options['login_fail_tier_3']) {
817
+ return rand(4, 30);
818
+ } else {
819
+ return rand(25, 60);
820
+ }
821
+ }
822
+
823
  /**
824
  * Examines and manipulates password grace periods as needed
825
  *
889
  * @return string
890
  */
891
  protected function err($message) {
892
+ // Translation already in WP.
893
  $error = $this->hsc_utf8(__("ERROR"));
894
  $message = $this->hsc_utf8($message);
895
  return "<strong>$error</strong>: $message";
1678
  if (!is_scalar($msg)) {
1679
  $msg = var_export($msg, true);
1680
  }
1681
+ file_put_contents('/var/tmp/' . self::ID . '.log',
1682
+ date('Y-m-d H:i:s') . ": $msg\n", FILE_APPEND);
1683
  }
1684
 
1685
  /**
1857
  . $this->get_notify_counts($network_ip, $user_name, $pass_md5, $fails);
1858
 
1859
  if ($verified_ip) {
1860
+ $message .= __("The user's current IP address is one they have verified with your site in the past. Therefore, the user will NOT be required to confirm their identity via the password reset process. An email will be sent to them, just in case this actually was a breach.", self::ID) . "\n\n";
1861
  } else {
1862
+ $message .= __("The user has been logged out and will be required to confirm their identity via the password reset functionality.", self::ID) . "\n\n";
1863
  }
1864
 
1865
+ $message .= sprintf(__("This message is from the %s plugin (%s) for WordPress.", self::ID),
1866
+ self::NAME, self::VERSION) . "\n";
1867
+
1868
  return wp_mail($to, $subject, $message);
1869
  }
1870
 
1884
  $to = $this->sanitize_whitespace($user->user_email);
1885
 
1886
  $blog = get_option('blogname');
1887
+ $subject = sprintf(__("VERIFY YOU LOGGED IN TO %s", self::ID), $blog);
1888
  $subject = $this->sanitize_whitespace($subject);
1889
 
1890
  $message =
1891
+ sprintf(__("Someone just logged into your '%s' account at %s. Was it you that logged in? We are asking because the site happens to be under attack at the moment.", self::ID), $user->user_login, $blog) . "\n\n"
1892
+
1893
+ . __("If it was NOT YOU, please do the following right away:", self::ID) . "\n"
1894
+ . __(" 1) Log into the site and change your password.", self::ID) . "\n"
1895
+ . sprintf(__(" 2) Send an email to %s letting them know it was not you who logged in.", self::ID), $this->get_admin_email()) . "\n\n"
1896
+
1897
+ . sprintf(__("If it WAS YOU, future hassles can be reduced by logging into the site, going to your profile page, and clicking the '%s' button. The site will remember your IP address as being legitimate.", self::ID), __('Update Profile')) . "\n";
1898
 
1899
  return wp_mail($to, $subject, $message);
1900
  }
1932
 
1933
  . $this->get_notify_counts($network_ip, $user_name, $pass_md5, $fails)
1934
 
1935
+ . sprintf(__("The %s plugin (%s) for WordPress is repelling the attack by making their login failures take a very long time.", self::ID),
1936
+ self::NAME, self::VERSION) . "\n";
1937
 
1938
  return wp_mail($to, $subject, $message);
1939
  }
1954
  * @uses login_security_solution::get_login_fail() to see if
1955
  * they're over the limit
1956
  * @uses login_security_solution::notify_fail() to warn of an attack
1957
+ * @uses login_security_solution::calculate_sleep() to set sleep length
1958
  */
1959
  protected function process_login_fail($user_name, $user_pass,
1960
  $close_db = true)
1980
  $this->notify_fail($network_ip, $user_name, $pass_md5, $fails);
1981
  }
1982
 
1983
+ $sleep = $this->calculate_sleep($fails['total']);
 
 
 
 
 
 
 
1984
 
1985
  if (!defined('LOGIN_SECURITY_SOLUTION_TESTING')) {
1986
  if (is_multisite()) {
2085
  * @return string the cleaned string
2086
  */
2087
  protected function sanitize_whitespace($in) {
2088
+ return preg_replace('/\s+/u', ' ', $in);
2089
  }
2090
 
2091
  /**
2229
  * @return array
2230
  */
2231
  protected function split_types($in, $minimum = 3) {
2232
+ $split = preg_split('/(?<=[^[:punct:]])([[:punct:]])|(?<=[^[:alpha:]])([[:alpha:]])|(?<=\D)(\d)/u', $in, -1, PREG_SPLIT_OFFSET_CAPTURE|PREG_SPLIT_DELIM_CAPTURE|PREG_SPLIT_NO_EMPTY);
2233
 
2234
  $out = array();
2235
  if (!count($split)) {
readme.txt CHANGED
@@ -4,7 +4,7 @@ Donate link: https://www.paypal.com/cgi-bin/webscr?cmd=_donations&business=danie
4
  Tags: login, password, passwords, strength, strong, strong passwords, password strength, idle, timeout, maintenance, security, attack, hack, lock, lockdown, ban, brute force, brute, force, authentication, auth, cookie, users
5
  Requires at least: 3.3
6
  Tested up to: 3.4.1
7
- Stable tag: 0.27.0
8
 
9
  Security against brute force attacks by tracking IP, name, password; requiring very strong passwords. Idle timeout. Maintenance mode lockdown.
10
 
@@ -73,7 +73,7 @@ The tests have caught every password dictionary entry I've tried.
73
  = Improvements Over Similar WordPress Plugins =
74
 
75
  * Multisite network support
76
- * Monitors auth cookies for bad user names and hashes
77
  * Adjusts WordPress' password policy user interfaces
78
  * Takes security seriously so the plugin itself does not open your site
79
  to SQL, HTML, or header injection vulnerabilities
@@ -100,7 +100,7 @@ For reference, the similar plugins include:
100
  * [Simple Login Lockdown](http://wordpress.org/extend/plugins/simple-login-lockdown/)
101
 
102
 
103
- = Compatability with Other Plugins =
104
 
105
  Some plugins provide similar functionality. These overlaps can lead to
106
  conflicts during program execution. Please read the FAQ!
@@ -109,6 +109,7 @@ conflicts during program execution. Please read the FAQ!
109
  = Translations =
110
 
111
  * Français, français (French, France) (fr_FR) by [mermouy](http://wordpress.org/support/profile/mermouy)
 
112
 
113
 
114
  = Why Strong, Unique Passwords Are Important =
@@ -294,13 +295,6 @@ In addition, if you try to log in while your site is being attacked, this
294
  plugin will send you through the password reset process in order to verify
295
  your identity. While not the end of the world, it's inconvenient.
296
 
297
- = Where should I report bugs and feature requests? =
298
-
299
- Report bugs and submit feature requests by opening a ticket in WordPress'
300
- [plugins Trac website](https://plugins.trac.wordpress.org/newticket?component=login-security-solution).
301
-
302
- You can also [view our existing tickets](https://plugins.trac.wordpress.org/query?status=assigned&status=closed&status=new&status=reopened&component=login-security-solution&col=id&col=summary&col=status&col=owner&col=type&col=priority&col=component&desc=1&order=id) there.
303
-
304
  = Where did the "Change All Passwords" interface go? =
305
 
306
  A link to the page is found in this plugin's entry in the "Plugins" admin
@@ -309,6 +303,22 @@ interface:
309
  * Regular sites: Plugins
310
  * Sites using multisite networks: My Sites | Network Admin | Plugins
311
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
312
  = Why use slowdowns instead of lockouts? =
313
 
314
  The best way to go here is a subject open to debate. (Hey what isn't?)
@@ -326,6 +336,13 @@ attacks are fairly easy to initiate these days. If someone really wants to
326
  shut down your site, they'll be able to do it without even touching this
327
  plugin's login failure process.
328
 
 
 
 
 
 
 
 
329
  = How do developers generate the translation files? =
330
 
331
  To update the POT file, do this:
@@ -336,44 +353,76 @@ To update the POT file, do this:
336
  * `./makepot.sh`
337
 
338
  To produce the machine readable translations used by WordPress' gettext
339
- implementation, use the script I made for generating all of the .mo files:
 
340
 
341
  * `cd languages`
 
 
342
  * `./makemos.sh`
343
 
344
 
345
  == Changelog ==
346
 
347
- = 0.27.0 =
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
348
  * Remove the password policy explanation link added in 0.26.0.
349
 
350
- = 0.26.0 =
351
  * Put a link in the password policy to an explanation of why it's necessary.
352
 
353
- = 0.25.0 =
354
  * Load text domain for password policy on password reset page.
355
  * Have password policy mention that it can't contain words related to
356
  the user or the website.
357
 
358
- = 0.24.0 =
359
  * Keep the password strength indicator from being enabled.
360
  * Narrow down when the password policy text filter is enabled.
361
 
362
- = 0.23.0 =
363
  * Split user and site info into components before comparing them.
364
  * Increase minimum password length to 10 characters.
365
 
366
- = 0.22.0 =
367
  * Track a given IP, user name, password combination only once.
368
  * Prevent "not a valid MySQL-Link resource" on auth cookie failure.
369
  * Increase default value of login_fail_notify from 20 to 50.
370
  * Add partial French translation. Settings page needs doing. Thanks
371
  [mermouy](http://wordpress.org/support/profile/mermouy)!
372
 
373
- = 0.21.0 =
374
  * Fix is_pw_outside_ascii() to permit spaces.
375
  * In multisite mode, send notifications to network admin, not blog admin.
376
- * Add "Notifiations To" setting for admins to specify the email addresses
377
  the failure and breach notifications get sent to. (Request #1560)
378
  * Clarify that the Change All Passwords link just goes to the UI.
379
  * Get all unit tests to pass when mbstring isn't enabled.
@@ -384,60 +433,60 @@ the failure and breach notifications get sent to. (Request #1560)
384
  * Tested under WordPress 3.4.1 using regular and multisite.
385
  * Also tested on Windows 7 using PHP 5.4.5 and WordPress 3.4.1.
386
 
387
- = 0.20.2 =
388
  * Ugh, update the translation pot file.
389
 
390
- = 0.20.1 =
391
  * Add "numbers" to the password policy text.
392
 
393
- = 0.20.0 =
394
  * Replace WP's password policy text with our own.
395
 
396
- = 0.19.0 =
397
  * Remove inadvertent log call added in 0.17.0.
398
 
399
- = 0.18.0 =
400
  * Keep legit user from having to repeatedly reset pw during active attacks
401
  against their user name.
402
 
403
- = 0.17.0 =
404
  * Fix network IP query in get_login_fail(). (Bug #1553,
405
  [deanmarktaylor](http://wordpress.org/support/profile/deanmarktaylor))
406
  * Rename files holding expected test results. (Bug #1552,
407
  [deanmarktaylor](http://wordpress.org/support/profile/deanmarktaylor))
408
 
409
- = 0.16.0 =
410
  * Have shell script gracefully handle value already being the desired value.
411
 
412
- = 0.15.0 =
413
  * Log auth cookie failures too.
414
  * Clean up sleep logic. (Bug #1549,
415
  [deanmarktaylor](http://wordpress.org/support/profile/deanmarktaylor))
416
 
417
- = 0.14.0 =
418
  * Fix emails being mistakenly sent in multisite mode that say "There have
419
  been at least 0 failed attempts to log in". (Bug #1548,
420
  [deanmarktaylor](http://wordpress.org/support/profile/deanmarktaylor))
421
  * Add an `.htaccess` file that blocks access to this plugin's directory.
422
 
423
- = 0.13.0 =
424
  * Add a script for turning our "Disable Logins" feature on and off from the
425
  command line.
426
 
427
- = 0.12.0 =
428
  * Display a notice on top of admin pages when our maintenance mode is enabled.
429
 
430
- = 0.11.0 =
431
  * Use `POST` value for `$user_name` in `login_errors()` because global value
432
  isn't always set.
433
  * Add some more (commented out) log() calls to help users help me help them.
434
 
435
- = 0.10.0 =
436
  * Catch $user_ID not being set during "Change All Passwords" submission.
437
  * Add (commented out) log() calls in important spots. Enables users to
438
  help me help them.
439
 
440
- = 0.9.0 =
441
  * Fix change that prevented users from logging in after using the password
442
  reset process with an insecure password. Users can now pick a better
443
  password right on the spot.
@@ -445,28 +494,28 @@ password right on the spot.
445
  * Tested under WordPress 3.3.2 and 3.4RC3, both using regular and multisite.
446
  * Unit tests pass using PHP 5.4.0RC8-dev, 5.3.11-dev, and 5.2.18-dev.
447
 
448
- = 0.8.0 =
449
  * Fix logging user out a second time after WordPress expires cookies.
450
  * It turns out this plugin requires WordPress 3.3, not 3.0.
451
  * Tested under WordPress 3.3.2 regular and 3.4beta2 multisite.
452
  * Unit tests pass using PHP 5.4.0RC8-dev, 5.3.11-dev, and 5.2.18-dev.
453
 
454
- = 0.7.0 =
455
  * The "lost your password" process now validates passwords.
456
  * Tested under WordPress 3.3.1 regular and 3.4beta2 multisite.
457
  * Unit tests pass using PHP 5.4.0RC8-dev, 5.3.11-dev, and 5.2.18-dev.
458
 
459
- = 0.6.1 =
460
  * Minor wording adjustments.
461
 
462
- = 0.6.0 =
463
  * Use `ENT_QUOTES` instead of `ENT_COMPAT` in `htmlspecialchars()` calls
464
  because WordPress mixes and matches the double and single quotes to
465
  delimit attributes.
466
  * Tested under WordPress 3.3.1 regular and 3.4beta2 multisite.
467
  * Unit tests pass using PHP 5.4.0RC8-dev, 5.3.11-dev, and 5.2.18-dev.
468
 
469
- = 0.5.0 =
470
  * Have multisite network mode use the saved options instead of the defaults.
471
  * Close more HTML injection vectors. (One would think WordPress' built in
472
  functions would already do this. Alas...)
@@ -476,32 +525,32 @@ Network Admin page.
476
  * Tested under WordPress 3.3.1 regular and 3.4beta2 multisite.
477
  * Unit tests pass using PHP 5.4.0RC8-dev, 5.3.11-dev, and 5.2.18-dev.
478
 
479
- = 0.4.0 =
480
  * Add multisite network support.
481
  * Keep unit tests from deleting settings. Note: removes the ability to
482
  run the unit tests without activating the plugin.
483
  * Tested under WordPress 3.3.1 regular and 3.4beta2 multisite.
484
  * Unit tests pass using PHP 5.4.0RC8-dev, 5.3.11-dev, and 5.2.18-dev.
485
 
486
- = 0.3.0 =
487
  * Use UTF-8 encoding for `htmlspecialchars()` instead of `DB_CHARSET`.
488
  * Tested under WordPress 3.3.1.
489
  * Unit tests pass using PHP 5.4.0RC8-dev, 5.3.11-dev, and 5.2.18-dev.
490
 
491
- = 0.2.1 =
492
  * Ensure all files are in the state I intended. Needed because
493
  WordPress' plugin site automatically rolls releases.
494
 
495
- = 0.2.0 =
496
  * Utilize the $encoding parameter of `htmlspecialchars()` to avoid
497
  problems under PHP 5.4.
498
  * Tested under WordPress 3.3.1.
499
  * Unit tests pass using PHP 5.4.0RC8-dev, 5.3.11-dev, and 5.2.18-dev.
500
 
501
- = 0.1.0 =
502
  * Beta release.
503
 
504
- = 0.0.4 =
505
  * Initial import to `plugins.svn.wordpress.org`.
506
 
507
  = 0.0.3 =
@@ -518,7 +567,7 @@ problems under PHP 5.4.
518
  * Tested under WordPress 3.3.1.
519
  * Unit tests pass using PHP 5.4.0RC8-dev, 5.3.11-dev, and 5.2.18-dev.
520
 
521
- = 0.0.1 =
522
  * Post the code for public review.
523
  * Tested under WordPress 3.3.1.
524
 
4
  Tags: login, password, passwords, strength, strong, strong passwords, password strength, idle, timeout, maintenance, security, attack, hack, lock, lockdown, ban, brute force, brute, force, authentication, auth, cookie, users
5
  Requires at least: 3.3
6
  Tested up to: 3.4.1
7
+ Stable tag: 0.28.0
8
 
9
  Security against brute force attacks by tracking IP, name, password; requiring very strong passwords. Idle timeout. Maintenance mode lockdown.
10
 
73
  = Improvements Over Similar WordPress Plugins =
74
 
75
  * Multisite network support
76
+ * Monitors authentication cookies for bad user names and hashes
77
  * Adjusts WordPress' password policy user interfaces
78
  * Takes security seriously so the plugin itself does not open your site
79
  to SQL, HTML, or header injection vulnerabilities
100
  * [Simple Login Lockdown](http://wordpress.org/extend/plugins/simple-login-lockdown/)
101
 
102
 
103
+ = Compatibility with Other Plugins =
104
 
105
  Some plugins provide similar functionality. These overlaps can lead to
106
  conflicts during program execution. Please read the FAQ!
109
  = Translations =
110
 
111
  * Français, français (French, France) (fr_FR) by [mermouy](http://wordpress.org/support/profile/mermouy)
112
+ * Português, Brasil (Portugese, Brazil) (pt_BR) by Valdir Trombini
113
 
114
 
115
  = Why Strong, Unique Passwords Are Important =
295
  plugin will send you through the password reset process in order to verify
296
  your identity. While not the end of the world, it's inconvenient.
297
 
 
 
 
 
 
 
 
298
  = Where did the "Change All Passwords" interface go? =
299
 
300
  A link to the page is found in this plugin's entry in the "Plugins" admin
303
  * Regular sites: Plugins
304
  * Sites using multisite networks: My Sites | Network Admin | Plugins
305
 
306
+ = I just got hit with 500 failed logins! Why isn't this plugin working?!? =
307
+
308
+ Let's turn the question around: "How long did it take to get in those 500
309
+ hits?" Chances are it took hours. (Six hours if they're attacking with one
310
+ thread, 2 hours if they're coming at you with three threads, etc.) If this
311
+ plugin wasn't working, they'd have pulled it off under a minute. Similarly,
312
+ without the slowed responses this plugin provides, an attacker given six
313
+ hours against your site could probably get in over 170,000 hits.
314
+
315
+ Anyway, my real question for you is "Did they get in?" I'll bet not. The
316
+ strong passwords this plugin requires from your users lowers the chances of
317
+ someone breaking in to just about zero.
318
+
319
+ And even if they _do_ get in, Login Security Solution realizes they're
320
+ miscreants and kicks them right out.
321
+
322
  = Why use slowdowns instead of lockouts? =
323
 
324
  The best way to go here is a subject open to debate. (Hey what isn't?)
336
  shut down your site, they'll be able to do it without even touching this
337
  plugin's login failure process.
338
 
339
+ = Where should I report bugs and feature requests? =
340
+
341
+ Report bugs and submit feature requests by opening a ticket in WordPress'
342
+ [plugins Trac website](https://plugins.trac.wordpress.org/newticket?component=login-security-solution).
343
+
344
+ You can also [view our existing tickets](https://plugins.trac.wordpress.org/query?status=assigned&status=closed&status=new&status=reopened&component=login-security-solution&col=id&col=summary&col=status&col=owner&col=type&col=priority&col=component&desc=1&order=id) there.
345
+
346
  = How do developers generate the translation files? =
347
 
348
  To update the POT file, do this:
353
  * `./makepot.sh`
354
 
355
  To produce the machine readable translations used by WordPress' gettext
356
+ implementation, use the scripts I made for generating all of the `.po` and
357
+ `.mo` files:
358
 
359
  * `cd languages`
360
+ * `./makepot.sh`
361
+ * `./updatepos.sh`
362
  * `./makemos.sh`
363
 
364
 
365
  == Changelog ==
366
 
367
+ = 0.28.0 (2012-09-15) =
368
+ * Remove loophole: slow down successful logins as well (for non-verified
369
+ IP addresses). Keeps attackers from using timeouts to skip our delayed
370
+ responses to failed login attempts.
371
+ * Reduce false positives for breach notifications and password resets:
372
+ - Allow users through without incident if the user's Network IP failure
373
+ count is less than the "Breach Email Confirm" setting. The old
374
+ behavior was to do so only if the Network IP failure count was 0.
375
+ - Add user's current IP to their verified IP list whenever they save
376
+ their profile page, not just when they change their password.
377
+ - Fix when user notifications are sent. Do so if the IP address is
378
+ NOT verified instead of if the IP address IS verified. Duh.
379
+ - Don't notify administrators of a successful login if the user is
380
+ coming in from a verified IP address.
381
+ - Change subject line of user notification emails to differentiate them
382
+ from emails sent to admins.
383
+ - Reword user notification email and have it explain how to reduce
384
+ future hassles.
385
+ * Remove URIs from user notification email to avoid phishing imitations.
386
+ * Add pt_BR translation. Thanks to Valdir Trombini.
387
+ * Put plugin version number in admin notification emails.
388
+ * Update the fr_FR translation: update password policy, add settings page.
389
+ * Put Unicode flag on the two preg calls that didn't have it. Fixes
390
+ password parsing problem on Windows.
391
+ * Add date to log() messages.
392
+ * Unit tests pass using PHP 5.4.5-dev, 5.3.16-dev, and 5.2.18-dev.
393
+ * Tested under WordPress 3.4.2 using regular and multisite.
394
+ * Also tested on Windows 7 using PHP 5.4.5 and WordPress 3.4.1.
395
+
396
+ = 0.27.0 (2012-09-04) =
397
  * Remove the password policy explanation link added in 0.26.0.
398
 
399
+ = 0.26.0 (2012-09-01) =
400
  * Put a link in the password policy to an explanation of why it's necessary.
401
 
402
+ = 0.25.0 (2012-08-30) =
403
  * Load text domain for password policy on password reset page.
404
  * Have password policy mention that it can't contain words related to
405
  the user or the website.
406
 
407
+ = 0.24.0 (2012-08-29) =
408
  * Keep the password strength indicator from being enabled.
409
  * Narrow down when the password policy text filter is enabled.
410
 
411
+ = 0.23.0 (2012-08-24) =
412
  * Split user and site info into components before comparing them.
413
  * Increase minimum password length to 10 characters.
414
 
415
+ = 0.22.0 (2012-08-17) =
416
  * Track a given IP, user name, password combination only once.
417
  * Prevent "not a valid MySQL-Link resource" on auth cookie failure.
418
  * Increase default value of login_fail_notify from 20 to 50.
419
  * Add partial French translation. Settings page needs doing. Thanks
420
  [mermouy](http://wordpress.org/support/profile/mermouy)!
421
 
422
+ = 0.21.0 (2012-08-07) =
423
  * Fix is_pw_outside_ascii() to permit spaces.
424
  * In multisite mode, send notifications to network admin, not blog admin.
425
+ * Add "Notifications To" setting for admins to specify the email addresses
426
  the failure and breach notifications get sent to. (Request #1560)
427
  * Clarify that the Change All Passwords link just goes to the UI.
428
  * Get all unit tests to pass when mbstring isn't enabled.
433
  * Tested under WordPress 3.4.1 using regular and multisite.
434
  * Also tested on Windows 7 using PHP 5.4.5 and WordPress 3.4.1.
435
 
436
+ = 0.20.2 (2012-07-12) =
437
  * Ugh, update the translation pot file.
438
 
439
+ = 0.20.1 (2012-07-12) =
440
  * Add "numbers" to the password policy text.
441
 
442
+ = 0.20.0 (2012-07-12) =
443
  * Replace WP's password policy text with our own.
444
 
445
+ = 0.19.0 (2012-07-11) =
446
  * Remove inadvertent log call added in 0.17.0.
447
 
448
+ = 0.18.0 (2012-07-11) =
449
  * Keep legit user from having to repeatedly reset pw during active attacks
450
  against their user name.
451
 
452
+ = 0.17.0 (2012-07-09) =
453
  * Fix network IP query in get_login_fail(). (Bug #1553,
454
  [deanmarktaylor](http://wordpress.org/support/profile/deanmarktaylor))
455
  * Rename files holding expected test results. (Bug #1552,
456
  [deanmarktaylor](http://wordpress.org/support/profile/deanmarktaylor))
457
 
458
+ = 0.16.0 (2012-07-08) =
459
  * Have shell script gracefully handle value already being the desired value.
460
 
461
+ = 0.15.0 (2012-07-06) =
462
  * Log auth cookie failures too.
463
  * Clean up sleep logic. (Bug #1549,
464
  [deanmarktaylor](http://wordpress.org/support/profile/deanmarktaylor))
465
 
466
+ = 0.14.0 (2012-07-05) =
467
  * Fix emails being mistakenly sent in multisite mode that say "There have
468
  been at least 0 failed attempts to log in". (Bug #1548,
469
  [deanmarktaylor](http://wordpress.org/support/profile/deanmarktaylor))
470
  * Add an `.htaccess` file that blocks access to this plugin's directory.
471
 
472
+ = 0.13.0 (2012-07-01) =
473
  * Add a script for turning our "Disable Logins" feature on and off from the
474
  command line.
475
 
476
+ = 0.12.0 (2012-06-30) =
477
  * Display a notice on top of admin pages when our maintenance mode is enabled.
478
 
479
+ = 0.11.0 (2012-06-28) =
480
  * Use `POST` value for `$user_name` in `login_errors()` because global value
481
  isn't always set.
482
  * Add some more (commented out) log() calls to help users help me help them.
483
 
484
+ = 0.10.0 (2012-06-16) =
485
  * Catch $user_ID not being set during "Change All Passwords" submission.
486
  * Add (commented out) log() calls in important spots. Enables users to
487
  help me help them.
488
 
489
+ = 0.9.0 (2012-06-16) =
490
  * Fix change that prevented users from logging in after using the password
491
  reset process with an insecure password. Users can now pick a better
492
  password right on the spot.
494
  * Tested under WordPress 3.3.2 and 3.4RC3, both using regular and multisite.
495
  * Unit tests pass using PHP 5.4.0RC8-dev, 5.3.11-dev, and 5.2.18-dev.
496
 
497
+ = 0.8.0 (2012-04-29) =
498
  * Fix logging user out a second time after WordPress expires cookies.
499
  * It turns out this plugin requires WordPress 3.3, not 3.0.
500
  * Tested under WordPress 3.3.2 regular and 3.4beta2 multisite.
501
  * Unit tests pass using PHP 5.4.0RC8-dev, 5.3.11-dev, and 5.2.18-dev.
502
 
503
+ = 0.7.0 (2012-04-25) =
504
  * The "lost your password" process now validates passwords.
505
  * Tested under WordPress 3.3.1 regular and 3.4beta2 multisite.
506
  * Unit tests pass using PHP 5.4.0RC8-dev, 5.3.11-dev, and 5.2.18-dev.
507
 
508
+ = 0.6.1 (2012-04-19) =
509
  * Minor wording adjustments.
510
 
511
+ = 0.6.0 (2012-04-18) =
512
  * Use `ENT_QUOTES` instead of `ENT_COMPAT` in `htmlspecialchars()` calls
513
  because WordPress mixes and matches the double and single quotes to
514
  delimit attributes.
515
  * Tested under WordPress 3.3.1 regular and 3.4beta2 multisite.
516
  * Unit tests pass using PHP 5.4.0RC8-dev, 5.3.11-dev, and 5.2.18-dev.
517
 
518
+ = 0.5.0 (2012-04-18) =
519
  * Have multisite network mode use the saved options instead of the defaults.
520
  * Close more HTML injection vectors. (One would think WordPress' built in
521
  functions would already do this. Alas...)
525
  * Tested under WordPress 3.3.1 regular and 3.4beta2 multisite.
526
  * Unit tests pass using PHP 5.4.0RC8-dev, 5.3.11-dev, and 5.2.18-dev.
527
 
528
+ = 0.4.0 (2012-04-17) =
529
  * Add multisite network support.
530
  * Keep unit tests from deleting settings. Note: removes the ability to
531
  run the unit tests without activating the plugin.
532
  * Tested under WordPress 3.3.1 regular and 3.4beta2 multisite.
533
  * Unit tests pass using PHP 5.4.0RC8-dev, 5.3.11-dev, and 5.2.18-dev.
534
 
535
+ = 0.3.0 (2012-04-04) =
536
  * Use UTF-8 encoding for `htmlspecialchars()` instead of `DB_CHARSET`.
537
  * Tested under WordPress 3.3.1.
538
  * Unit tests pass using PHP 5.4.0RC8-dev, 5.3.11-dev, and 5.2.18-dev.
539
 
540
+ = 0.2.1 (2012-04-03) =
541
  * Ensure all files are in the state I intended. Needed because
542
  WordPress' plugin site automatically rolls releases.
543
 
544
+ = 0.2.0 (2012-04-03) =
545
  * Utilize the $encoding parameter of `htmlspecialchars()` to avoid
546
  problems under PHP 5.4.
547
  * Tested under WordPress 3.3.1.
548
  * Unit tests pass using PHP 5.4.0RC8-dev, 5.3.11-dev, and 5.2.18-dev.
549
 
550
+ = 0.1.0 (2012-03-26) =
551
  * Beta release.
552
 
553
+ = 0.0.4 (2012-03-22) =
554
  * Initial import to `plugins.svn.wordpress.org`.
555
 
556
  = 0.0.3 =
567
  * Tested under WordPress 3.3.1.
568
  * Unit tests pass using PHP 5.4.0RC8-dev, 5.3.11-dev, and 5.2.18-dev.
569
 
570
+ = 0.0.1 (2012-03-19) =
571
  * Post the code for public review.
572
  * Tested under WordPress 3.3.1.
573
 
tests/LoginFailTest.php CHANGED
@@ -56,6 +56,8 @@ class LoginFailTest extends TestCase {
56
  $options['login_fail_breach_notify'] = 4;
57
  $options['login_fail_breach_pw_force_change'] = 4;
58
  self::$lss->options = $options;
 
 
59
  }
60
 
61
 
@@ -151,7 +153,8 @@ class LoginFailTest extends TestCase {
151
  public function test_process_login_fail__pre_threshold() {
152
  global $wpdb;
153
 
154
- self::$lss->process_login_fail($this->user_name, 'reed');
 
155
 
156
  $this->assertInternalType('integer', $wpdb->insert_id,
157
  'This should be an insert id.');
@@ -178,6 +181,7 @@ class LoginFailTest extends TestCase {
178
  public function test_wp_login__pre_breach_threshold() {
179
  $actual = self::$lss->wp_login($this->user_name, $this->user);
180
  $this->assertSame(1, $actual, 'wp_login() return value...');
 
181
 
182
  $actual = self::$lss->get_pw_force_change($this->user->ID);
183
  $this->assertFalse($actual, 'get_pw_force_change() return value...');
@@ -191,12 +195,13 @@ class LoginFailTest extends TestCase {
191
 
192
  try {
193
  // Do THE deed.
194
- self::$lss->process_login_fail($this->user_name, $this->pass_md5);
195
  } catch (Exception $e) {
196
  $this->fail($e->getMessage());
197
  }
198
 
199
  $this->check_mail_file();
 
200
  }
201
 
202
  /**
@@ -212,6 +217,7 @@ class LoginFailTest extends TestCase {
212
  $this->fail($e->getMessage());
213
  }
214
  $this->assertSame(7, $actual, 'Bad return value.');
 
215
 
216
  $actual = self::$lss->get_pw_force_change($this->user->ID);
217
  $this->assertTrue($actual, 'get_pw_force_change() return value...');
@@ -226,7 +232,6 @@ class LoginFailTest extends TestCase {
226
  */
227
  public function test_wp_login__post_breach_threshold_verified_ip() {
228
  global $wpdb;
229
- self::$mail_file_basename = __METHOD__;
230
 
231
  $wpdb->query('SAVEPOINT pre_verified_ip');
232
 
@@ -242,14 +247,13 @@ class LoginFailTest extends TestCase {
242
  } catch (Exception $e) {
243
  $this->fail($e->getMessage());
244
  }
245
- $this->assertSame(13, $actual, 'Bad return value.');
 
246
 
247
  $actual = self::$lss->get_pw_force_change($this->user->ID);
248
  $this->assertFalse($actual, 'get_pw_force_change() return value...');
249
 
250
  $wpdb->query('ROLLBACK TO pre_verified_ip');
251
-
252
- $this->check_mail_file();
253
  }
254
 
255
  /**
@@ -270,6 +274,7 @@ class LoginFailTest extends TestCase {
270
  $this->fail($e->getMessage());
271
  }
272
  $this->assertSame(5, $actual, 'Bad return value.');
 
273
 
274
  $actual = self::$lss->get_pw_force_change($this->user->ID);
275
  $this->assertFalse($actual, 'get_pw_force_change() return value...');
@@ -298,6 +303,7 @@ class LoginFailTest extends TestCase {
298
  $this->fail($e->getMessage());
299
  }
300
  $this->assertSame(3, $actual, 'Bad return value.');
 
301
 
302
  $actual = self::$lss->get_pw_force_change($this->user->ID);
303
  $this->assertTrue($actual, 'get_pw_force_change() return value...');
@@ -320,7 +326,8 @@ class LoginFailTest extends TestCase {
320
  } catch (Exception $e) {
321
  $this->fail($e->getMessage());
322
  }
323
- $this->assertSame(-1, $actual, 'Bad return value.');
 
324
 
325
  $actual = self::$lss->get_pw_force_change($this->user->ID);
326
  $this->assertFalse($actual, 'get_pw_force_change() return value...');
56
  $options['login_fail_breach_notify'] = 4;
57
  $options['login_fail_breach_pw_force_change'] = 4;
58
  self::$lss->options = $options;
59
+
60
+ self::$lss->test_sleep = null;
61
  }
62
 
63
 
153
  public function test_process_login_fail__pre_threshold() {
154
  global $wpdb;
155
 
156
+ $sleep = self::$lss->process_login_fail($this->user_name, 'reed');
157
+ $this->assertGreaterThan(0, $sleep, 'Sleep was not set.');
158
 
159
  $this->assertInternalType('integer', $wpdb->insert_id,
160
  'This should be an insert id.');
181
  public function test_wp_login__pre_breach_threshold() {
182
  $actual = self::$lss->wp_login($this->user_name, $this->user);
183
  $this->assertSame(1, $actual, 'wp_login() return value...');
184
+ $this->assertGreaterThan(0, self::$lss->test_sleep, 'Sleep not set.');
185
 
186
  $actual = self::$lss->get_pw_force_change($this->user->ID);
187
  $this->assertFalse($actual, 'get_pw_force_change() return value...');
195
 
196
  try {
197
  // Do THE deed.
198
+ $sleep = self::$lss->process_login_fail($this->user_name, $this->pass_md5);
199
  } catch (Exception $e) {
200
  $this->fail($e->getMessage());
201
  }
202
 
203
  $this->check_mail_file();
204
+ $this->assertGreaterThan(0, $sleep, 'Sleep was not set.');
205
  }
206
 
207
  /**
217
  $this->fail($e->getMessage());
218
  }
219
  $this->assertSame(7, $actual, 'Bad return value.');
220
+ $this->assertGreaterThan(0, self::$lss->test_sleep, 'Sleep not set.');
221
 
222
  $actual = self::$lss->get_pw_force_change($this->user->ID);
223
  $this->assertTrue($actual, 'get_pw_force_change() return value...');
232
  */
233
  public function test_wp_login__post_breach_threshold_verified_ip() {
234
  global $wpdb;
 
235
 
236
  $wpdb->query('SAVEPOINT pre_verified_ip');
237
 
247
  } catch (Exception $e) {
248
  $this->fail($e->getMessage());
249
  }
250
+ $this->assertSame(9, $actual, 'Bad return value.');
251
+ $this->assertSame(0, self::$lss->test_sleep, 'Sleep should be 0.');
252
 
253
  $actual = self::$lss->get_pw_force_change($this->user->ID);
254
  $this->assertFalse($actual, 'get_pw_force_change() return value...');
255
 
256
  $wpdb->query('ROLLBACK TO pre_verified_ip');
 
 
257
  }
258
 
259
  /**
274
  $this->fail($e->getMessage());
275
  }
276
  $this->assertSame(5, $actual, 'Bad return value.');
277
+ $this->assertGreaterThan(0, self::$lss->test_sleep, 'Sleep not set.');
278
 
279
  $actual = self::$lss->get_pw_force_change($this->user->ID);
280
  $this->assertFalse($actual, 'get_pw_force_change() return value...');
303
  $this->fail($e->getMessage());
304
  }
305
  $this->assertSame(3, $actual, 'Bad return value.');
306
+ $this->assertGreaterThan(0, self::$lss->test_sleep, 'Sleep not set.');
307
 
308
  $actual = self::$lss->get_pw_force_change($this->user->ID);
309
  $this->assertTrue($actual, 'get_pw_force_change() return value...');
326
  } catch (Exception $e) {
327
  $this->fail($e->getMessage());
328
  }
329
+ $this->assertSame(1, $actual, 'Bad return value.');
330
+ $this->assertGreaterThan(0, self::$lss->test_sleep, 'Sleep not set.');
331
 
332
  $actual = self::$lss->get_pw_force_change($this->user->ID);
333
  $this->assertFalse($actual, 'get_pw_force_change() return value...');
tests/expected/en_US/LoginFailTest--test_process_login_fail__post_threshold CHANGED
@@ -12,4 +12,4 @@ Network IP 4 1.2.38
12
  Username 4 test
13
  Password MD5 %d %s
14
 
15
- The Login Security Solution plugin for WordPress is repelling the attack by making their login failures take a very long time.
12
  Username 4 test
13
  Password MD5 %d %s
14
 
15
+ The Login Security Solution plugin (%s) for WordPress is repelling the attack by making their login failures take a very long time.
tests/expected/en_US/LoginFailTest--test_wp_login__post_breach_threshold CHANGED
@@ -13,3 +13,15 @@ Username 4 test
13
  Password MD5 %d %s
14
 
15
  The user has been logged out and will be required to confirm their identity via the password reset functionality.
 
 
 
 
 
 
 
 
 
 
 
 
13
  Password MD5 %d %s
14
 
15
  The user has been logged out and will be required to confirm their identity via the password reset functionality.
16
+
17
+ This message is from the Login Security Solution plugin (%s) for WordPress.
18
+ To: %a
19
+ Subject: VERIFY YOU LOGGED IN TO %a
20
+
21
+ Someone just logged into your '%s' account at %s. Was it you that logged in? We are asking because the site happens to be under attack at the moment.
22
+
23
+ If it was NOT YOU, please do the following right away:
24
+ 1) Log into the site and change your password.
25
+ 2) Send an email to %s letting them know it was not you who logged in.
26
+
27
+ If it WAS YOU, future hassles can be reduced by logging into the site, going to your profile page, and clicking the 'Update Profile' button. The site will remember your IP address as being legitimate.
tests/expected/en_US/LoginFailTest--test_wp_login__post_breach_threshold_verified_ip DELETED
@@ -1,25 +0,0 @@
1
- To: %a
2
- Subject: POTENTIAL INTRUSION AT %a
3
-
4
- Your website, %s, may have been broken in to.
5
-
6
- Someone just logged in using the following components. Prior to that, some combination of those components were a part of 4 failed attempts to log in during the past 60 minutes:
7
-
8
-
9
- Component Count Value from Current Attempt
10
- ------------------------ ----- --------------------------------
11
- Network IP 0 1.2.33
12
- Username 4 test
13
- Password MD5 %d %s
14
-
15
- The user's current IP address is one they have verified with your site in the past. Therefore, the user will NOT be required to confirm their identity via the password reset process. An email will be sent to them, just in case this actually was a breach.
16
- To: %a
17
- Subject: POTENTIAL INTRUSION AT %a
18
-
19
- Someone just logged into your '%s' account at %s. Was it you that logged in? We are asking because the site is being attacked.
20
-
21
- IF IT WAS NOT YOU, please do the following right away:
22
-
23
- 1) Log into %s and change your password.
24
-
25
- 2) Send an email to %s letting them know it was not you who logged in.
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
tests/expected/fr_FR/LoginFailTest--test_process_login_fail__post_threshold CHANGED
@@ -12,4 +12,4 @@ Réseau IP 4 1.2.38
12
  Nom d'utilisateur 4 test
13
  MD5 du mot de passe %d %s
14
 
15
- Le plugin %s pour WordPress pare l'attaque en ralentissant la réponse à chaque tentative échouée.
12
  Nom d'utilisateur 4 test
13
  MD5 du mot de passe %d %s
14
 
15
+ Le plugin %s (%s) pour WordPress pare l'attaque en ralentissant la réponse à chaque tentative échouée.
tests/expected/fr_FR/LoginFailTest--test_wp_login__post_breach_threshold CHANGED
@@ -13,3 +13,13 @@ Nom d'utilisateur 4 test
13
  MD5 du mot de passe %d %s
14
 
15
  L'utilisateur à été déconnecté et il devra confirmer son identité via le processus de changement de mot de passe.
 
 
 
 
 
 
 
 
 
 
13
  MD5 du mot de passe %d %s
14
 
15
  L'utilisateur à été déconnecté et il devra confirmer son identité via le processus de changement de mot de passe.
16
+
17
+ Ce message provient du plugin Login Security Solution (%s) pour WordPress.
18
+ To: %a
19
+ Subject: INTRUSION POSSIBLE A %a
20
+
21
+ Quelqu'un a %s vient de se connecter en tant que '%s'. Était-ce vous? Nous vous posons la question parce que le site semble subir une attaque.
22
+
23
+ Si ce n'était PAS VOUS, veuillez suivre ces consignes au plus vite:
24
+ 1) Connectez vous à %s et changez votre mot de passe.
25
+ 2) Envoyez un message à %s pour les prévenir que ce n'était pas vous qui vous êtes connecté récemment.
tests/expected/fr_FR/LoginFailTest--test_wp_login__post_breach_threshold_verified_ip DELETED
@@ -1,25 +0,0 @@
1
- To: %a
2
- Subject: INTRUSION POSSIBLE A %a
3
-
4
- Votre site, %s, a peut-être été corrompu.
5
-
6
- Quelqu'un vient de se connecter avec les données qui suivent. Avant cela, plusieurs de ces éléments ont été utilisés parmi les %d tentatives de connexion au cours des %d dernières minutes:
7
-
8
-
9
- Composant Nombre Valeur de la tentative courante
10
- ------------------------ ----- --------------------------------
11
- Réseau IP 0 1.2.33
12
- Nom d'utilisateur 4 test
13
- MD5 du mot de passe %d %s
14
-
15
- L'adresse IP utilisée à déjà été vérifiée auparavant. C'est pourquoi l'utilisateur ne devra PAS nécessairement confirmer son identité via le processus de changement de mot de passe. Un email lui sera envoyé, au cas où ce serait effectivement un intrusion.
16
- To: %a
17
- Subject: INTRUSION POSSIBLE A %a
18
-
19
- Quelqu'un a %s vient de se connecter en tant que '%s'. Était-ce vous? Nous vous posons la question parce que le site semble subir une attaque.
20
-
21
- SI CE N'ÉTAIT PAS VOUS, veuillez suivre ces consignes au plus vite:
22
-
23
- 1) Connectez vous à %s et changez votre mot de passe.
24
-
25
- 2) Envoyez un message à %s pour les prévenir que ce n'était pas vous qui vous êtes connecté récemment.
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
tests/expected/pt_BR/LoginFailTest--test_process_login_fail__post_threshold ADDED
@@ -0,0 +1,15 @@
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
1
+ To: %a
2
+ Subject: ATAQUE ACONTECENDO NO %s
3
+
4
+ Seu website, %s, está passando por um ataque de força bruta.
5
+
6
+ Houve pelo menos %d tentativas para iniciar sessão durante os últimos %d minutos, que usaram um ou mais dos seguintes componentes:
7
+
8
+
9
+ Componente o valor é Valor da tentativa atual
10
+ ------------------------ ----- --------------------------------
11
+ O IP da rede 4 1.2.38
12
+ Nome do usuário 4 test
13
+ Senha MD5 %d %s
14
+
15
+ O plugin %s (%s) para o WordPress está repelindo ao ataque de força bruta, na tentativa de descobrir o seu login, fazendo demorar um tempo muito longo entre as falhas.
tests/expected/pt_BR/LoginFailTest--test_wp_login__post_breach_threshold ADDED
@@ -0,0 +1,25 @@
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
1
+ To: %a
2
+ Subject: INVASÃO EM POTENCIAL %s
3
+
4
+ Seu website,%s, pode ter sido arrombado e invadido.
5
+
6
+ Alguém acabou logado com os seguintes componentes. Antes disso, uma combinação desses componentes eram uma parte de %d tentativas para iniciar sessão durante os últimos %d minutos:
7
+
8
+
9
+ Componente o valor é Valor da tentativa atual
10
+ ------------------------ ----- --------------------------------
11
+ O IP da rede 4 1.2.38
12
+ Nome do usuário 4 test
13
+ Senha MD5 %d %s
14
+
15
+ O usuário foi desconectado e será obrigado a confirmar sua identidade através da funcionalidade de redefinição de senha.
16
+
17
+ Esta mensagem é proveniente do plugin Login Security Solution (%s) do seu WordPress.
18
+ To: %a
19
+ Subject: INVASÃO EM POTENCIAL %s
20
+
21
+ Alguém acabou logado em sua '%s' conta em %s. É você que está logado? Estamos pedindo essa informação, pois o site está sendo atacado.
22
+
23
+ Se NÃO for VOCÊ, por favor, faça o seguinte imediatamente:
24
+ 1) Entre no %s e altere imediatamente a sua senha.
25
+ 2) Enviar um e-mail para %s, deixando que ele saiba que não foi você que fez o acesso.