Hiding WordPress login error messages can be helpful if you don’t want to reveal to users that they’ve used the wrong username or the wrong password. The message that says “Invalid username” could potentially help a hacker in his search for the right username and password.
Get a free WPMU DEV plugin, plus free weekly tips and resources for using WordPress.
You can easily hide these messages by adding the following snippet to your theme’s functions.php file. This tip comes to you courtesy of Filip Stefansson who posted it over at wp-snippets.com:
add_filter('login_errors', create_function('$a', "return null;"));
This will help your site be a little more secure in the face of a direct hacking attempt.