Make WordPress Core

Opened 4 years ago

Closed 4 years ago

Last modified 4 years ago

#27192 closed enhancement (maybelater)

Instruct user to change their password when sending new account email

Reported by: danielbachhuber
Owned by:
Milestone:
Priority: normal
Severity: normal
Version:
Component: Login and Registration
Keywords: ux-feedback
Focuses: docs, multisite
Cc:

Description

When a multisite user has activated their new account, they're sent an email that includes their new password.

The email also should include instructions on how to reset their password, as passwords sent by email should be treated as compromised passwords.

Attachments (9)

27192.diff (822 bytes) - added by salcode 4 years ago.
27192.1.diff (2.2 KB) - added by ericlewis 4 years ago.
27192.2.diff (796 bytes) - added by downstairsdev 4 years ago.
Please update your temporary password after logging in.
27192.3.diff (797 bytes) - added by Hanni 4 years ago.
Please change this temporary password when you log in for the first time.
27192.4.diff (797 bytes) - added by Hanni 4 years ago.
Please change this temporary password when logging in for the first time.
27192.5.diff (985 bytes) - added by Hanni 4 years ago.
consistency between "welcome_email" and "welcome_user_email" too.
27192.6.diff (986 bytes) - added by Hanni 4 years ago.
Successfully spelling successfully successfully. Second attempt at being successful has resulted in success.
27192.7.diff (1.7 KB) - added by jeremyfelt 4 years ago.
27192.8.diff (1.7 KB) - added by Hanni 4 years ago.
In which I was so eager to successfully achieve consistency that I unsuccessfully introduced a decidedly unnecessary colon.


Change History (39)

#1 @jeremyfelt
4 years ago

  • Keywords ux-feedback added

+1

While these emails can be easily changed, I think better encouragement makes sense in the defaults.

The default welcome_email option is:

Dear User,

Your new SITE_NAME site has been successfully set up at:
BLOG_URL

You can log in to the administrator account with the following information:
Username: USERNAME
Password: PASSWORD
Log in here: BLOG_URLwp-login.php

We hope you enjoy your new site. Thanks!

--The Team @ SITE_NAME

The default welcome_user_email site option is:

Dear User,

Your new account is set up.

You can log in with the following information:
Username: USERNAME
Password: PASSWORD
LOGINLINK

Thanks!

--The Team @ SITE_NAME

Related password nag discussion for initial WordPress install password in #9710

#2 @jenmylo
4 years ago

Agreed to what Daniel said.

#3 @SergeyBiryukov
4 years ago

  • Component changed from Networks and Sites to Text Changes

#4 follow-up: @ericlewis
4 years ago

Daniel said

passwords sent by email should be treated as compromised passwords

If this is true, shouldn't we reconsider sending passwords via email altogether?

#5 in reply to: ↑ 4 @danielbachhuber
4 years ago

Replying to ericlewis:

Daniel said

passwords sent by email should be treated as compromised passwords

If this is true, shouldn't we reconsider sending passwords via email altogether?

While I agree with the idea, if adding a line of text is 1x effort, creating a UX around setting your password from a link is an order of magnitude beyond that.

@salcode
4 years ago

#6 @salcode
4 years ago

  • Keywords has-patch added; needs-patch removed

In attachment:27192.diff I added the line "We recommend updating your temporary password on first log in." to both emails and changed the "Password" label to "Temporary Password".

Patch made at WordCamp Lancaster 2014 with @updatediva and @ericlewis


#7 @jeremyfelt
4 years ago

  • Milestone changed from Future Release to 3.9

Looks good, let's consider this for 3.9.

#8 @DrewAPicture
4 years ago

  • Focuses docs added

The text changes/additions will need feedback from the docs team.

@ericlewis
4 years ago

#9 @ericlewis
4 years ago

attachment:27192.1.diff is a proof of concept in sending the user a set password link rather than the actual password.

In this preliminary implementation, we just send the user to the reset password page. In a follow-up, we can create a separate template in wp-login.php to output proper labeling ("Set password" rather than "Reset password")

Patch made at WordCamp Lancaster 2014 with @updatediva and @salcode

#10 @lorax
4 years ago

While I think:

We recommend updating your temporary password on first log in.

is better - it seems more inconsequential. I'd like to see stronger language or provide some context.

We strongly urge you to change your password upon log in. Passwords sent by email are convenient but email is not secure.

@downstairsdev
4 years ago

Please update your temporary password after logging in.

#11 @downstairsdev
4 years ago

I agree with @ericlewis that sending a link to set the password would be best.

But improving the text would be a good first step if we're trying to aim for 3.9. I updated the text to say "Please update your temporary password after logging in." I think that's more direct than the recommendation. I also have a patch that links the user directly to their profile, but I need to test it a little more.

Would it be confusing to send users directly to their profile edit page? Or should separate instructions for changing the password, with the profile edit link, be included after the main text?

#12 follow-up: @Hanni
4 years ago

"We recommend updating your temporary password on first log in" could perhaps be phrased a little differently. I understand what this means, but nonetheless read it a couple of times as it appeared a tad awkward, perhaps (this is coming from someone who appears to have an uncanny ability to create these kinds of awkward sentences). So, I concur with @downstairsdev.

Since it's being sent to new users created on a multisite install, one might be able to suggest that there is a possibility of unfamiliarity with the process, or indeed with WordPress as a whole.

How about something a little easier to parse?

"Please update this temporary password when you first log in to WordPress." or "Please change this temporary password when you log in for the first time."

So, a couple of things going on there: "change" is a clearer, less jargon-y call to action than "update", imho, and secondly "first log in" versus "log in for the first time".

Thoughts?

(edited for clarity to reflect the fact that I started writing this last night, before @downstairsdev's comments)


#13 in reply to: ↑ 12 ; follow-up: @jeremyfelt
4 years ago

Replying to Hanni:

"Please change this temporary password when you log in for the first time"

This one is my favorite so far. I think because it is multisite, having "WordPress" in the message may confuse somebody without proper context.

I do like the idea of providing some sort of link in addition to the message. The edit profile page could be the best bet.

#14 @salcode
4 years ago

@downstairsdev - We discussed sending the user directly to their profile edit page but decided against it based on how far down the page the password fields are. However, as I write this I realize we could append #password to the URL to jump to that section of the page, so that would work.

However, are users going to continually come back to this email to log in, and therefore end up at the password section of their profile each time they log in?

Ultimately, I think the solution by @ericlewis is the best route to go and a text change (not a url change) will suffice as a bandaid. To that end I agree with @jeremyfelt and @Hanni on "Please change this temporary password when you log in for the first time"

#15 in reply to: ↑ 13 @Hanni
4 years ago

Replying to jeremyfelt:

Replying to Hanni:

"Please change this temporary password when you log in for the first time"

This one is my favorite so far. I think because it is multisite, having "WordPress" in the message may confuse somebody without proper context.

You're absolutely right; I hadn't considered that.

Creating patch.

@Hanni
4 years ago

Please change this temporary password when you log in for the first time.

@Hanni
4 years ago

Please change this temporary password when logging in for the first time.

#16 @Hanni
4 years ago

So, whilst double-checking the above, I reconsidered the repetitive "when you log in", "log in" etc. in such a small paragraph, so offered the alternative of "when logging in". Hence, patch 3 offers "when you log in" and patch 4 offers "when logging in", so that others can weigh in if they deem this niggle something worth changing.

And I have also noticed an inconsistency in the tenses used in welcome_email and welcome_user_email which I think is unnecessary and should be standardised, both for the sake of readability and ease of translation. Looking.

@Hanni
4 years ago

consistency between "welcome_email" and "welcome_user_email" too.

#17 @Hanni
4 years ago

Note that 5 uses "when logging in" as opposed to "when you log in". I can see arguments for either; the former removes repetitive "you"s, but the latter perhaps impresses the importance of the change on the user a little more.

@jeremyfelt and @salcode: preferences?


#18 @kpdesign
4 years ago

My preference is "Please change this temporary password when logging in for the first time."

27192.5.diff has one small typo in the following phrase:

Your new account has been sucessfully set up: (s/sucessfully/successfully)

Other than that, looks good! :)

@Hanni
4 years ago

Successfully spelling successfully successfully. Second attempt at being successful has resulted in success.

@jeremyfelt
4 years ago

#19 follow-up: @jeremyfelt
4 years ago

Successful changes look good. I like the change to "when logging in".

27192.7.diff also adds the new language to the email sent with wp_new_user_notification() when adding users through the network admin.

#20 in reply to: ↑ 19 @Hanni
4 years ago

Replying to jeremyfelt:

Successful changes look good. I like the change to "when logging in".

27192.7.diff also adds the new language to the email sent with wp_new_user_notification() when adding users through the network admin.

Great!

@Hanni
4 years ago

In which I was so eager to successfully achieve consistency that I unsuccessfully introduced a decidedly unnecessary colon.

This ticket was mentioned in IRC in #wordpress-dev by DrewAPicture.
4 years ago

#22 @DrewAPicture
4 years ago

  • Keywords commit added

27192.8.diff looks great.

#23 follow-up: @Hanni
4 years ago

If 27192.1.diff does indeed seem a better approach than sidestepping a flaw with text changes, "You can log in to the administrator account with the following information:" would need to be adjusted, depending on the implementation.


#24 in reply to: ↑ 23 @kpdesign
4 years ago

+1 to 27192.8.diff

The original intent of the ticket was to provide instructions on how a user can reset their password when logging in the first time - basic text changes.

Being this close to beta, I think it might be better to make the text improvements for 3.9, then revisit the solution proposed in 27192.1.diff early in the 4.0 dev cycle.

This ticket was mentioned in IRC in #wordpress-dev by jorbin.
4 years ago

#26 @nacin
4 years ago

  • Component changed from Text Changes to Login and Registration
  • Keywords has-patch commit removed
  • Milestone changed from 3.9 to Future Release

Per the lengthy IRC conversation, we're going to skip this entirely for 3.9. The incremental improvements here don't help much, as the proposed patches:

  • only apply to multisite (emails are sent in plain text for new user registrations in single-site too)
  • only apply for the fallback email template (these are editable in multisite)
  • don't do anything in the dashboard to nag the user

In the end, the impact is thus very minimal and it doesn't clearly improve the user experience. I'd like this to be tackled in 4.0, probably with #24633. It'll probably require a group of contributors to storyboard out exactly how all of this should work in an ideal situation, and then we can go about coding it.
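The alternative raised in comment 9 and implied by comment 26 (send a single-use set-password link instead of the password itself, for single-site as well as multisite) as an added example written for this page; it is not one of the ticket's patches. It assumes current core APIs, the wp_new_user_notification_email filter and get_password_reset_key(), and runs as a small plugin.

```php
<?php
/**
 * Plugin Name: Example: set-password link in new-user email
 *
 * Added example, not one of the ticket's patches. Swaps the emailed password
 * for a single-use reset link so the mail contains nothing worth intercepting.
 * Assumes core APIs: the 'wp_new_user_notification_email' filter and
 * get_password_reset_key().
 */

add_filter( 'wp_new_user_notification_email', 'example_set_password_link_email', 10, 3 );

/**
 * @param array   $email    Keys: 'to', 'subject', 'message', 'headers'.
 * @param WP_User $user     The newly created user.
 * @param string  $blogname Site name core puts in the subject.
 * @return array
 */
function example_set_password_link_email( $email, $user, $blogname ) {
	// Core stores a hashed copy of the key plus a timestamp in user_activation_key;
	// the key is cleared once the password is set and rejected after
	// PASSWORD_RESET_EXPIRATION (one day by default).
	$key = get_password_reset_key( $user );
	if ( is_wp_error( $key ) ) {
		return $email; // keep core's default mail rather than send a broken link
	}

	// Same URL shape core uses for the "rp" (reset password) screen on wp-login.php.
	$url = network_site_url(
		'wp-login.php?action=rp&key=' . rawurlencode( $key ) . '&login=' . rawurlencode( $user->user_login ),
		'login'
	);

	$message  = sprintf( __( 'Username: %s', 'example' ), $user->user_login ) . "\r\n\r\n";
	$message .= __( 'To set your password, visit the following address:', 'example' ) . "\r\n\r\n";
	$message .= $url . "\r\n\r\n";
	$message .= __( 'The link works once and expires; no password is included in this email.', 'example' ) . "\r\n\r\n";
	$message .= sprintf( __( 'Log in here: %s', 'example' ), wp_login_url() ) . "\r\n";

	$email['subject'] = sprintf( __( '[%s] Set your password', 'example' ), $blogname );
	$email['message'] = $message;

	return $email;
}
```

The multisite welcome_user_email template discussed above is sent by a separate function and still needs its PASSWORD placeholder removed; this filter only covers the notification sent by wp_new_user_notification().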

#27 @rclilly
4 years ago

Emailing passwords (regardless of multisite or not) is a BAD idea. +1 to completely revamping how this whole process works.

This ticket was mentioned in IRC in #wordpress-dev by jorbin.
4 years ago

#29 @DrewAPicture
4 years ago

  • Milestone Future Release deleted
  • Resolution set to maybelater
  • Status changed from new to closed

#30 @BjornW
4 years ago

Is someone working on this ticket for 4.1?
