Myself got locked out

  • Resolved breadf

    (@breadf)


    1 year, 2 months ago

    This morning I was bombarded by messages telling me unwanted login. I checked the msg and saw it was using my old username in the old version site. When I tried to login (I am admin user), my password is useless now. Why this happened?

    I didn’t install wordfence in the old version. This is our new version of site. Around Aug 31st, I uploaded it to server and installed wordfence this time.

    • This topic was modified 1 year, 2 months ago by breadf.

    The page I need help with: [log in to see the link]

Viewing 1 replies (of 1 total)
  • Plugin Support wfpeter

    (@wfpeter)

    Hi @breadf, thanks for your message.

    It does sound slightly suspicious but I don’t have enough information to confirm if somebody has managed to compromize your account.

    Is the old version of the site contained in a subdirectory of the main site or has it been removed altogether? Wordfence may still monitor sites in subdirectories depending on your settings, although I’m wondering if your old username had become known somehow and has just been attempted on the new site as the URL may be the same.

    Wordfence doesn’t change account passwords (even when accounts get blocked or wrong passwords are repeatedly tried) so are you running 2FA or reCAPTCHA that could deny you access instead? If not, are you able to access your account when either (a) temporarily renaming the /wp-content/plugins/wordfence plugin folder to “wordfence_bak” or (b) attempting a password recovery using the “Lost your password?” link?

    Thanks,
    Peter.

Viewing 1 replies (of 1 total)
  • The topic ‘Myself got locked out’ is closed to new replies.