Add nonce to wp-login
Closed this issue · 1 comment
mboynes commented
Description
wp-login.php doesn't have a nonce. Ideally, this would be a proper nonce that is only usable once (stored in the object cache or the database), even though that would add overhead to the login process and require the page to be uncached.
Here is a plugin that provides a reasonable starting point.
Use Case
Nonces are a best practice for forms. In addition to preventing CSRF attacks, they can help mitigate brute-force attacks by at least slowing them down. Further, since WordPress-focused bot networks don't expect there to be a nonce, adding nonces is low-hanging fruit that will instantly protect against the most common attacks.
anubisthejackle commented
After discussing this in Slack, it seems we have a path forward using:
- Core WP nonces with a limited lifespan (15 to 30 minutes)
  - Should this number be filterable?
- A meta-refresh on the page to trigger at nonce expiration.
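As an added example (not code from this issue or the project), a minimal plugin sketching the path above: a core nonce on the login form with a filterable 15-minute lifespan, a meta refresh before it can expire, and rejection of credential POSTs to wp-login.php that lack a valid nonce. The plugin name, the `example_` function names and the `example_login_nonce_life` filter are assumptions; the hooks (`login_form`, `login_head`, `authenticate`, `nonce_life`) are core WordPress.

```php
<?php
/**
 * Plugin Name: Login Nonce (hypothetical example)
 */

const EXAMPLE_LOGIN_NONCE_ACTION = 'example_wp_login';
const EXAMPLE_LOGIN_NONCE_FIELD  = 'example_login_nonce';

// Lifespan in seconds (the 15-30 minute window discussed), made filterable.
function example_login_nonce_life() {
    return (int) apply_filters( 'example_login_nonce_life', 15 * MINUTE_IN_SECONDS );
}

// Core's 'nonce_life' filter is global, so attach it only around our own create/verify calls.
function example_with_login_nonce_life( callable $fn ) {
    add_filter( 'nonce_life', 'example_login_nonce_life' );
    $result = $fn();
    remove_filter( 'nonce_life', 'example_login_nonce_life' );
    return $result;
}

// Print the hidden nonce field; wp-login.php fires 'login_form' inside the <form>.
// Caveat: for logged-out visitors core nonces are keyed on user 0 and an empty session
// token, so the value is shared by all anonymous visitors within a tick.
add_action( 'login_form', function () {
    example_with_login_nonce_life( function () {
        wp_nonce_field( EXAMPLE_LOGIN_NONCE_ACTION, EXAMPLE_LOGIN_NONCE_FIELD, false );
    } );
} );

// Reload before the nonce can expire. Core nonces span two ticks of nonce_life/2, so a
// nonce issued late in a tick lasts only about half the lifespan; refresh at that point.
add_action( 'login_head', function () {
    printf( '<meta http-equiv="refresh" content="%d">', (int) ( example_login_nonce_life() / 2 ) );
} );

// Reject wp-login.php form POSTs without a valid nonce before core checks the password
// (priority 1 runs ahead of wp_authenticate_username_password at 20). The $pagenow check
// keeps XML-RPC and other wp_signon() callers, which never see the form, unaffected.
add_filter( 'authenticate', function ( $user, $username, $password ) {
    if ( 'wp-login.php' !== $GLOBALS['pagenow'] || 'POST' !== $_SERVER['REQUEST_METHOD'] ) {
        return $user;
    }
    $nonce = isset( $_POST[ EXAMPLE_LOGIN_NONCE_FIELD ] )
        ? sanitize_text_field( wp_unslash( $_POST[ EXAMPLE_LOGIN_NONCE_FIELD ] ) ) : '';
    $ok    = example_with_login_nonce_life( function () use ( $nonce ) {
        return wp_verify_nonce( $nonce, EXAMPLE_LOGIN_NONCE_ACTION ); // 1, 2 or false
    } );
    return $ok ? $user : new WP_Error( 'login_nonce_invalid', __( 'The login form has expired. Please try again.' ) );
}, 1, 3 );
```

Because the nonce is tick-based rather than single-use, a page served from cache would hand every visitor the same stale token, so wp-login.php must stay uncached as the issue notes.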