Chap Secure Login a WordPress Plugin for secure password authentication

Chap Secure Login, ok… what?! O.o

You are in a cafeteria and you have to write a new blog post about an amazing donuts :), you login and someone can steal your password.

You’re in a coworking area and you have to respond to a comment on your blog, you login and someone can steal your password.

Why?

When you try to login in your blog, the password is going from your computer to an hosting server as well have been written, and anyone can read it.

With Chap Secure Login your super string password “123456” is transformed in a string like this one: 8d969eef6ecad3c29a3a629280e686cf0c3f5d5a86aff3ca12

and now you have a secure password authentication system without any server configuration.

How do I use it?

It is very easy to use it; after that you have activated it from the wordpress plugins panel, you only have to logout and try to login again. After this operation the password will be encripted even on insecure channels and now you have a secure password authentication system.

Can you be more specific?

The downside image explains the way it works, based upon the CHAP protocol. It uses a random number to chiper the key and to verify it.

Chap Secure Login Security Schema for Secure password authentication
Chap Secure Login Security Schema for Secure password authentication

Changelog

Version 1.6.2: Change plugin website url

Version 1.6.1: Change author information

Version 1.6: Now use a SHA-256 cryptographic hash function instead of MD5. Safer!

Version 1.5.2: Nothing special, just an icon to notify the encryption password!

Version 1.5.1: Fixed javascript bug “hex_md5() not found!”

Version 1.5

  • Fixed bug “login failed” with XMLRPC API used by many software like Windows Live Writer
  • Added “Change Log” section 🙂