Hi @rolandototo
By default, WordPress does not make the login username case-sensitive. This means that if you create a user with the username “user” and someone tries to log in with the username “UsEr,” they will still be able to log in.
However, making the login username case-sensitive is possible by adding a small piece of code to your WordPress site. Here is the code you can use:
function login_case_sensitive( $user, $username, $password ) {
$user_id = username_exists($username);
if( !$user_id ) {
return $user;
}
$user_obj = get_user_by('id', $user_id);
if( $username !== $user_obj->user_login ) {
return new WP_Error( 'authentication_failed', __( '<strong>ERROR</strong>: Invalid username or password.' ) );
}
return $user;
}
add_filter( 'authenticate', 'login_case_sensitive', 20, 3 );
To use this code, you will need to add it to your WordPress site’s functions.php file or a custom plugin. Once you have added the code, the login username will be case-sensitive, and users will not be able to log in with a username that does not match the case of the original username.
Keep in mind that making the login username case-sensitive can confuse users unaware of the change, so it is essential to consider whether this is a necessary change for your site.
