If you using a plugin to implement a CAPTCHA on the WordPress login form (the backend login, wp-login.php), you will find that this is not always compatible with the WP-Members front end login.
WP-Members includes WP’s native hooks such as login_form for broad compatibility with plugins that may add additional authentication to the login. But these are not always compatible with WP-Members or with front-end logins in general.
If the third party plugin does not load its scripts on the front end, it will not be compatible. If you are getting failed logins with strange error messages (such as “human verification incorrect” or something like that), then the issue is likely that a third party CAPTCHA is being used, but cannot authenticate on the front end of the site.
What happens is that in order to implement the CAPTCHA, the plugin must remove the function wp_authenticate_username_password from the authenticate process with remove_filter. This allows the plugin to implement its own authentication that includes not only username and password, but also will validate the CAPTCHA.
This creates a problem since WP-Members also uses WP’s authentication to log a user in. Because the WP-Members form will only be passing two parameters, username and password, and the authentication is now requiring the addition of a third parameter (the CAPTCHA) that is not included in that form, the login will fail.
There are ways to work around this.
Continue Reading →