Google
Current tag: brute force
Understanding WordPress Auth Cookies
Written on:April 20, 2014
Introduction A recently published vulnerability prompted me to take another look at the wp_validate_auth_cookie WordPress function which is responsible for validating authenticated user requests and ultimately controls access to to your WordPress installation. This post is not about that specific vulnerability (more info here) but rather about how WordPress generates and validates authentication cookies to authorize user requests. If you’re a WordPress user, I encourage you to read on to see what stands between malicious actors and…
Read more...In category: Web Security
Tags:authentication , brute force , cookie , hash , key , password , salt , secret , wordpress , wp_validate_auth_cookie
Tags:authentication , brute force , cookie , hash , key , password , salt , secret , wordpress , wp_validate_auth_cookie
are closed