Hacked using WP Lost Password?

A Saudi guy was trying to hack my website... Of-course, due to my knowledge of security, his attempts were not successful. But he reminded me of the method, thus I am posting it to help other Wordpress users to secure their blogs.

Simply he tries to reset the password using wordpress lostpassword function.. I will not post the details of the method, so people don't try it on other blogs..

However, if you maintain a wordpress blog, you can disable the function using a simple plugin:

?', '', $text ); } add\_filter ( 'login\_errors', 'remove\_password\_reset\_text\_in'); ?>

Upload to plugins directory and enable in the plugins... This will protect you from lost-password attacks.