WordPress.org

Make WordPress Core

Opened 7 months ago

#52630 new enhancement

Add Validation/Security to Password Reset

Reported by: Ipstenu Owned by:
Milestone: Awaiting Review Priority: normal
Severity: normal Version:
Component: Users Keywords:
Focuses: privacy Cc:

Description

One of the issues that came up with #34281 (allowing admins to send users a Reset Password link) is that there is no real way to validate that the request is legit. We removed the IP address in order to protect privacy, however we should loop back and consider ways to make it more secure that it's a real password reset link and not a phishing attempt.

The first thought I had was to add in a feature with single use keys. When anyone uses a password-reset link, we set a random key as user-meta for the person being reset. The email to reset passwords includes would include that key (either in the link or as a 'paste this in to validate your user...' or even just "Your authentication code is X"). That key is required to use to reset. If it's wrong or missing, you get kicked back out.

We could also make that check filterable so people could enhance it even more with 2FA if they wanted, or to be able to log who made the reset requests in general.

Change History (0)

Note: See TracTickets for help on using tickets.