Opened 14 months ago
Closed 14 months ago
#62917 closed feature request (wontfix)
Add an option to force users to change password on first login
| Reported by: |
|
Owned by: | |
|---|---|---|---|
| Milestone: | Priority: | normal | |
| Severity: | normal | Version: | |
| Component: | Login and Registration | Keywords: | |
| Focuses: | administration | Cc: |
Description
I created an account for someone to do posts on one of our WordPress sites. We don't have email set up on that site and don't want it.
However, I'd like the user to change their password the first time they log in.
I have asked them to do this in the email I sent them with their login credentials, but it would be nice to have a checkbox in the user creation form so I can enforce it.
PS it would be nice if the Contributor Focuses: tags had a security tag as this is related.
Change History (1)
Note: See
TracTickets for help on using
tickets.
Thanks for the ticket @justinz2021 .
The default workflow in WordPress is pretty much this. When you register a user from Users -> Add New User, the user is sent an email containing a password reset link. The email doesn't contain their password, therefore if you don't manually tell the user what password you created for them then they can't log in without changing their password.
I'm not sure what the reason is for not configuring outbound email on your server, but it's definitely creating a problem for yourself that you need not have. For example, if the user forgets their password then you're back to square one.
If you really don't want to configure outbound email then I recommend installing an email capturing plugin such as WP Mail Logging which you can use to capture the password reset link for the new user and send them the link manually. This is probably the most straight forward solution to this particular requirement.