WPBeginner

Beginner's Guide for WordPress

  • Blog
    • Beginners Guide
    • News
    • Opinion
    • Showcase
    • Themes
    • Tutorials
    • WordPress Plugins
  • Start Here
    • How to Start a Blog
    • Create a Website
    • Start an Online Store
    • Best Website Builder
    • Email Marketing
    • WordPress Hosting
    • Business Name Ideas
  • Deals
    • Bluehost Coupon
    • SiteGround Coupon
    • WP Engine Coupon
    • HostGator Coupon
    • Domain.com Coupon
    • Constant Contact
    • View All Deals »
  • Glossary
  • Videos
  • Products
X
☰
Beginner's Guide for WordPress / Start your WordPress Blog in minutes
Choosing the Best
WordPress Hosting
How to Easily
Install WordPress
Recommended
WordPress Plugins
View all Guides

WPBeginner» Blog» Tutorials» How to Disable Login Hints in WordPress Login Error Messages

How to Disable Login Hints in WordPress Login Error Messages

Last updated on June 27th, 2016 by Editorial Staff
128 Shares
Share
Tweet
Share
Pin
Free WordPress Video Tutorials on YouTube by WPBeginner
How to Disable Login Hints in WordPress Login Error Messages

Recently, one of our users asked us how they can disable login hints in WordPress. By default, WordPress show error messages when someone enters incorrect username or password on the login page. These error messages can be used as a hint to guess a username, user email address, or password. In this article, we will show you how to disable login hints in WordPress login error messages.

Hide login hints in WordPress

What Are Login Hints in WordPress Login Error Messages

During login, WordPress shows this error message when a user enters incorrect username

ERROR: Invalid username. Lost your password?

Invalid username error

If someone enters correct username with wrong password, then WordPress shows this message:

ERROR: The password you entered for the username johnsmith is incorrect. Lost your password?

Incorrect password

If someone is trying to guess your username, then this error message confirms that they have successfully guessed it.

Since WordPress 4.5, you can also login to your WordPress site using email address instead of username. These login hints can also confirm that you are using a particular email address for your admin account.

For most WordPress users this is probably not a big issue. But for people who are cautious about privacy and security, this could be a problematic thing.

For better security, you should always use unique usernames and strong passwords for your admin account. See our guide on the best way to manage passwords for WordPress beginners.

Having said that, let’s take a look at how to hide these login hints in WordPress login error messages.

To make it easy, we have created a video tutorial on how to disable login hints in WordPress login error messages.

Subscribe to WPBeginner

However if you just want to follow text-instructions, then you can follow our step by step tutorial on how to disable login hints in WordPress login error messages.

Hiding Login Hints in WordPress

Simply add the following code to your theme’s functions.php file or a site-specific plugin.

function no_wordpress_errors(){
  return 'Something is wrong!';
}
add_filter( 'login_errors', 'no_wordpress_errors' );

This code adds your custom message as a filter to login errors. This will override default WordPress login errors.

Now if someone enters incorrect username, password, or email, WordPress would simply show the error ‘Something is wrong’ without giving any hints.

No login hints

While this code can hide login errors, it cannot save you from more sophisticated hacking attempts or brute force attacks.

We use Sucuri to protect all our websites against common security threats. Sucuri comes with a website firewall that can block any suspicious activity from reaching to your site. See how sucuri helped us block 450,000 WordPress attacks in 3 months

We hope this article helped you hide login hints from WordPress login error messages. You may also want to see these on 13 tips and hacks to protect your WordPress admin area.

If you liked this article, then please subscribe to our YouTube Channel for WordPress video tutorials. You can also find us on Twitter and Facebook.

128 Shares
Share
Tweet
Share
Pin
Popular on WPBeginner Right Now!
  • Google Analytics in WordPress

    How to Install Google Analytics in WordPress for Beginners

  • How to Fix the Error Establishing a Database Connection in WordPress

    How to Fix the Error Establishing a Database Connection in WordPress

  • How to Start Your Own Podcast (Step by Step)

    How to Start Your Own Podcast (Step by Step)

  • Revealed: Why Building an Email List is so Important Today (6 Reasons)

    Revealed: Why Building an Email List is so Important Today (6 Reasons)

About the Editorial Staff

Editorial Staff at WPBeginner is a team of WordPress experts led by Syed Balkhi. Trusted by over 1.3 million readers worldwide.

The Ultimate WordPress Toolkit

16 Comments

Leave a Reply
  1. Vahn says:
    Feb 18, 2021 at 6:31 am

    Thank you loads! I spent hours looking for the place to change this.

    Reply
    • WPBeginner Support says:
      Feb 18, 2021 at 9:15 am

      Glad our guide was helpful :)

      Reply
  2. Izzy says:
    Oct 6, 2019 at 4:15 am

    When I add this to my WpTouch plugin, it shows a part of the code in my header…

    Reply
    • WPBeginner Support says:
      Oct 7, 2019 at 10:36 am

      As long as the code is working on the desktop version you would want to reach out to WPTouch to let them know about that issue to take a look.

      Reply
  3. Anand says:
    Jun 16, 2018 at 2:45 am

    Well it is easy to know the username if it is right, as when entered correct username and the wrong password, the username field does not get blank even after getting the ‘something is wrong’ warning. Which clearly is a hint the yes this is the correct username. Is there any way to make the username field blank in this scenario. Please help.

    Reply
  4. Shane says:
    Feb 19, 2017 at 11:08 pm

    Is there a way to change the text of the error message on the lostpassword page that says by default, “Please enter your username or email address. You will receive a link to create a new password via email.”?

    I can’t seem to find any material on the subject

    Reply
    • Nick says:
      Oct 22, 2017 at 7:02 am

      I was wondering the same thing. Why can’t we just change the wording of the error message instead of adding a function that might be overwritten with the next update?

      Reply
  5. Paco says:
    May 27, 2016 at 6:34 am

    The only thing is that when you enter a correct username and an incorrect password, it gives a message “something is wrong” but you can see the username, which confirms it in case you have guessed it. I don´t know if this happens in WordPress 4.5. Is there any way of leaving the username field blank even though it´s correct? Thank you

    Reply
  6. maudenicholson2 says:
    May 12, 2016 at 7:37 am

    I am curious to find out what blog system you’re using? I’m having some small security issues with my latest website and I would like to find something more safeguarded. Do you have any solutions?

    Reply
    • WPBeginner Support says:
      May 12, 2016 at 10:06 pm

      We are using WordPress with Sucuri.

      Reply
  7. freyaewu73605919 says:
    May 4, 2016 at 9:19 pm

    I am truly thankful to the owner of this web page who has shared this enormous article at at this time.

    Reply
  8. deneengranger says:
    May 4, 2016 at 3:41 pm

    Do you have any video of that? I’d like to find out some additional information.

    Reply
    • WPBeginner Support says:
      May 4, 2016 at 10:25 pm

      Video will be available soon. Please subscribe to our YouTube Channel.

      Reply
  9. Bob says:
    May 4, 2016 at 2:11 pm

    WP Simple Firewall or Shield gives you the ability to hide the login menu, lock down the Dashboard and it comes with Sucuri and Brute Attack prevention. It is a free plugin, use it in conjunction with a password manager, so you don’t forget or misplace your passwords. I use Lastpass, which is also free. Shield replaced six security plugins and sped up my website.

    Reply
  10. Phillip George says:
    Apr 28, 2016 at 3:46 am

    Is there a help line in Australia as I have forgotten my user name for logon being a little old it is a problem

    Reply
    • Bob says:
      May 4, 2016 at 2:37 pm

      G’day Phillip, sorry mate no help line. Try going through whoever hosts your website, they should be able to help you out. Once reset use a password manager like Lastpass, you only have to remember one password. WRITE IT DOWN; did I say write it down because if you don’t, WRITE IT DOWN you’ll really will be up the creek, without a paddle.

      Reply

Leave a Reply Cancel reply

Thanks for choosing to leave a comment. Please keep in mind that all comments are moderated according to our comment policy, and your email address will NOT be published. Please Do NOT use keywords in the name field. Let's have a personal and meaningful conversation.

Over 1,320,000+ Readers

Get fresh content from WPBeginner

Featured WordPress Plugin
Smash Balloon
Smash Balloon
Add Custom Social Media Feeds in WordPress. Learn More »
How to Start a Blog How to Start a Blog
I need help with ...
Starting a
Blog
WordPress
Performance
WordPress
Security
WordPress
SEO
WordPress
Errors
Building an
Online Store
Useful WordPress Guides
    • 7 Best WordPress Backup Plugins Compared (Pros and Cons)
    • How to Fix the Error Establishing a Database Connection in WordPress
    • Why You Need a CDN for your WordPress Blog? [Infographic]
    • 30 Legit Ways to Make Money Online Blogging with WordPress
    • Self Hosted WordPress.org vs. Free WordPress.com [Infograph]
    • Free Recording: WordPress Workshop for Beginners
    • 24 Must Have WordPress Plugins for Business Websites
    • How to Properly Move Your Blog from WordPress.com to WordPress.org
    • 5 Best Contact Form Plugins for WordPress Compared
    • Which is the Best WordPress Popup Plugin? (Comparison)
    • Best WooCommerce Hosting in 2020 (Comparison)
    • How to Fix the Internal Server Error in WordPress
    • How to Install WordPress - Complete WordPress Installation Tutorial
    • Why You Should Start Building an Email List Right Away
    • How to Properly Move WordPress to a New Domain Without Losing SEO
    • How to Choose the Best WordPress Hosting for Your Website
    • How to Choose the Best Blogging Platform (Comparison)
    • WordPress Tutorials - 200+ Step by Step WordPress Tutorials
    • 5 Best WordPress Ecommerce Plugins Compared
    • 5 Best WordPress Membership Plugins (Compared)
    • 7 Best Email Marketing Services for Small Business (2020)
    • How to Choose the Best Domain Registrar (Compared)
    • The Truth About Shared WordPress Web Hosting
    • When Do You Really Need Managed WordPress Hosting?
    • 5 Best Drag and Drop WordPress Page Builders Compared
    • How to Switch from Blogger to WordPress without Losing Google Rankings
    • How to Properly Switch From Wix to WordPress (Step by Step)
    • How to Properly Move from Weebly to WordPress (Step by Step)
    • Do You Really Need a VPS? Best WordPress VPS Hosting Compared
    • How to Properly Move from Squarespace to WordPress
    • How to Register a Domain Name (+ tip to get it for FREE)
    • HostGator Review - An Honest Look at Speed & Uptime (2020)
    • SiteGround Reviews from 4196 Users & Our Experts (2020)
    • Bluehost Review from Real Users + Performance Stats (2020)
    • How Much Does It Really Cost to Build a WordPress Website?
    • How to Create an Email Newsletter the RIGHT WAY (Step by Step)
    • Free Business Name Generator (A.I Powered)
    • How to Create a Free Business Email Address in 5 Minutes (Step by Step)
    • How to Install Google Analytics in WordPress for Beginners
    • How to Move WordPress to a New Host or Server With No Downtime
    • Why is WordPress Free? What are the Costs? What is the Catch?
    • How to Make a Website in 2020 – Step by Step Guide
Deals & Coupons (view all)
Photocrati Coupon
Get 20% off on Photocrati premium photography theme for WordPress.
WPForms Logo
WPForms Coupon
Get 50% off WPForms, the most beginner friendly WordPress contact form plugin available in the market.
Featured In
About WPBeginner®

WPBeginner is a free WordPress resource site for Beginners. WPBeginner was founded in July 2009 by Syed Balkhi. The main goal of this site is to provide quality tips, tricks, hacks, and other WordPress resources that allows WordPress beginners to improve their site(s).
Join our team: We are Hiring!

Site Links
  • About Us
  • Contact Us
  • FTC Disclosure
  • Privacy Policy
  • Terms of Service
  • Free Blog Setup
  • Free Business Tools
Our Sites
  • OptinMonster
  • MonsterInsights
  • WPForms
  • SeedProd
  • Nameboy
  • RafflePress
  • Smash Balloon

Copyright © 2009 - 2021 WPBeginner LLC. All Rights Reserved. WPBeginner® is a registered trademark.

Managed by Awesome Motive | WordPress hosting by SiteGround | WordPress CDN by MaxCDN | WordPress Security by Sucuri.