By Using following hook, you can customize your login page and password validations with ajax or PHP.
add_action( 'login_form', 'myplugin_add_login_fields' );
function myplugin_add_login_fields() {
//Get and set any values already sent
$user_extra = ( isset( $_POST['user_extra'] ) ) ? $_POST['user_extra'] : '';
?>
<p>
<label for="user_extra"><?php _e('Extra Field','mydomain') ?><br />
<input type="text" name="user_extra" id="user_extra" class="input" value="<?php echo esc_attr(stripslashes($user_extra)); ?>" size="25" /></label>
</p>
<?php
}
Let me know, I case of any issues.
Related Posts:
- Where to securely store API keys and passwords in WordPress?
- Why are passwords exportable as plain text in WordPress?
- How is password strength calculated?
- Make password invalid once logged out of password-protected page
- Can’t reset WordPress password
- Is the “lost password” feature truly a vulnerability?
- Frontend Password change
- Is it possible to reduce the minimum character length for passwords?
- Is there any point setting the keys and salts in wp-config.php?
- When is wp_set_password() called or how to capture a password
- Moving away from MD5: Where to declare the custom global $wp_hasher?
- How to get WordPress to send Password Reset Link Email instead of New Password?
- Basic password protection without using users and roles
- How can I force a specific password?
- Can a WordPress administrator see other users’ passwords?
- After limiting the access to my wp-login.php by IP through .htaccess, all my password-protected posts stopped working. What’s the best solution now?
- Password-protect feed and make it usable in major aggregators
- Could a user account with a stolen password compromised entire WP site?
- Is my WP site being hacked?
- How to get real password (before encrypt) when register a user?
- Directory to store secure file
- Can you alter the default wordpress strong password requirements?
- what is a auth_user_file.txt?
- Is moving wp-config outside the web root really beneficial?
- Best way to eliminate xmlrpc.php?
- If a hacker changed the blog_charset to UTF-7 does that make WordPress vulnerable to further attacks?
- Should I remove install.php and install-helper.php?
- How do I technically prove that WordPress is secure?
- Which KSES should be used and when?
- Disable comment windows for all existing posts (pages/blogposts)
- Generate WordPress salt
- Vanilla WordPress install, what can/should I put in disable_functions?
- Stop wordpress automatically escaping $_POST data
- Secure my “add_settings_field” translation?
- how can i embed wordpress backend in iframe
- Handling nonces for actions from guests to logged-in users
- WordPress Logout Only If User Click Logout or If User Delete Browser History
- Can I force a password change?
- wp_insert_post disable HTML filter
- What is pclzip.lib.php file that wordfence think it’s a malicious code
- How to disable XML-RPC from Linux command-line in a total way?
- How to remove javascript malware in wordpress site [closed]
- Completely remove the author url
- Securing my WordPress Files and Directories
- Restricting access to content
- About WordPress site security
- Single sign-on: wp_authenticate_user vs wp_authenticate
- How to allow internal links using wp_kses filtration
- How does Cross Site Scripting (XSS) work exactly? [closed]
- Password protect a specific category page/post
- How does the “authentication unique keys and salts” feature work?
- vs WordPress Security
- esc_html__ security : what for in this example?
- Preventing BFA in WordPress without using a plugin
- wp-config.php being written by attacker
- XML-RPC errors they know my username?
- Is [admin / admin] acceptable for all local websites?
- Simple Online Payment for Event Registration [closed]
- What may be causing failure of auto-install features in WordPress (v3.0.3)?
- Client side HTTP parameter pollution (reflected)
- Local file inclusion critical security issue [closed]
- Malware script in database post table only? [closed]
- Best practices to assert current_user_can() with guests
- Force to use STRONG users password and implement rule to prevent REUSE [closed]
- How do I protect user_activation_key?
- XMLRPC slow and weird websites/services
- Is it safe to hand over the admin rights?
- How to find exploited wordpress plugin [closed]
- How I can open back door for myself?
- Specific way to allow WordPress users to view their current password? And edit it?
- Who updates the wp-admin/core file?
- How WordPress sanitizes post content on save? Or it doesn’t?
- Does this code indicate an exploit?
- Security issue with ‘paged’ and ‘posts_per_page’ parameters taken directly from a POST request?
- How to prevent to direct access of my custom plugin folder/files
- RESTRICT EDIT of PHP files?
- wp-content – permissions for files/folders created by apache
- Has anyone developed a anti-spam plugin to simply allow users to BLOCK whatever they wish to, but one that will also go easy on IP addresses?
- Monitor wordpress all external calls
- HSTS header not being added correctly
- how to protect wordpress content from crawler
- Is it okay to use an ACF field to store a password for a protected area of a page?
- Can WordPress admin user + database credentials be used to gain Cpanel or FTP access?
- Should I worry about SQL injection when using REST API?
- Links to root domain from search engines don’t work, but direct links and links from other referrers do
- How can I backup my site if it gets hacked?
- Standard Method for Securing a WordPress Site
- Secure Multiple WordPress Installations on shared hosting
- Able to go to WordPress admin even after deleting auth cookies from request headers
- Step by Step Instructions for Making Media/Uploads Private to Only Logged-In Users
- Secure a WordPress website in 2019: one plugin or a combinations of them?
- What are the different types of firewall protections available for a WordPress website?
- Run a security scan on WordPress site that has .htaccess password [closed]
- Is this a WordPress security bug?
- Competitor is somehow accessing MetaData on a hidden WordPress site
- WordPress Hacks/Defacing [closed]
- How do you search for backdoors from the previous IT person?
- Possible to change email address in keypair?
- Is wp-cron.php vulnerable to external attacks and how to protect it?
- How to address security vulnerabilities: LUCKY13, BEAST, and BREACH