alex0311

Hello,

Do you know if it works with Stripe ?
Thank

Perfect, thank you very much.

@lawrenceowen Thanks, but it asks me an email/username and a password to login. (I get automatically redirected to https://vault.star-emea.com/login?redirect_url=/f/13063687 )

Hello,

The link that you gave (https://vault.star-emea.com/s/FCaPDGG3C5A4ssr) is not working, can you give a new one please ?

Thanks.

Hi, yes update has already added strong features to avoid a brute force attack.

Thanks you.

Closed.

So I tried and there is a strange behavior :
If you try an attempt after the code has expired, the plugin still try to check if the code has attempts left and if it is, it says that’s you have x attempts left and if not, says that you must request a new code.

If you entered the correct code, then it says that’s the code had expired.

Maybe it is the expected behavior ?

Also, for the plugin description :

FILTER THE CHARACTERS TO BE USED WHEN GENERATING A CODE, YOU CAN USE ANY STRING YOU WANT, DEFAULT IS 01234567890
add_filter( ‘bdpwr_selection_string’ , function( $string ) {
return ‘01234567890’;
}, 10 , 4 );

Default value should be 0123456789 instead of 01234567890, no ?

Else, everything is working fine.

It looks good, I’ll try it tomorrow.
For locking and unlocking account I think that you should save in MySQL the timestamp with email and check when a user ask a new code if timestamp is more than 10 min, else return an error.

Thank you

Yes, locking and blocking is my favorite solution since it definitively prevents brute force attack.