Eric Mann notes that “WordPress nonces are, admittedly, not numbers and not used once.” Since they're not “true nonces,” WordPress nonces “fall down horribly” and constitute a “fatal flaw” when developers use them to secure the admin. 🔓
Eric says we urgently need “true cryptographic operations,” and there's a possible path to that destination, but it is “incredibly steep.” It will require “a major paradigm shift in WordPress development” — and developer education.
I want to also note some comments here from Andrew Nacin on Twitter: “…we shouldn’t have called them nonces. But, time-based, stateless HMAC tokens are just as valid (and commonly used) for CSRF protection. The primary point of these tokens isn’t to prevent a replay attack. Its only point is to guard against CSRF, and it does that well.”