Reset Password: Omit Username Field

At this time it is not an option, but it is on the project list to incorporate a number possible options with forgotten usernames/passwords/emails.

The reason behind the current process is that this adds a layer of security. With just an email, if a user’s email is compromised, the password could be reset.

Hello Chad,

First of all thanks a lot for offering such a great plugin…

It would be great if you incorporate the feature “only email required to reset password”…I know it will become less secure but at the same time it will become very user friendly….Many of my registered users often forget their username,but nobody forget their email….

Kindly incorporate the feature “only email required to reset password” to make it more user friendly…

Hi Chad,

Thanks for all your hard work on this plugin! I also would LOVE to omit the username requirement for the forgotten password inquiry. My users are not likely to remember their user name (myself included). If I have to go find my user name I would search my emails to find it. If my email was compromised the person would already have my username and email address. For convenience I would recommend only the email. I’ve never been promoted to input username AND email for a reset, even on highly secure websites. If someone is that hell bent on getting into the site they’ll find a way. ??

For others with this problem, here is my workaround: I am going to implement a manual reset the passwords by uploading a contact form that asks a client for their email. When I get the reset inquiry I’ll reset the password and email them their updated login information (username and email). It’s NOT an automated system but it’s my only option since I know my users won’t remember their usernames. (I only use this for our social group so it’s not a huge set of users, but for others this is not an option)

Please please include this feature in the next updates! Thanks!!!

Hi Chad,
Remove enter username will easy for member if they can’t remember username. Only Email feild will better.

Hope it will have this option in next version. Thankyou!

[ Signature moderated. ]

hi all!

I have a solution for it ( maybe not good solution but it worked fine for me )

in plugin folder / wp-members/ wp-members-dialogs.php

At line 570 replace

$link = apply_filters( ‘wpmem_forgot_link’, wpmem_chk_qstr( WPMEM_MSURL ) . ‘a=pwdreset’ );

with

$link = apply_filters( ‘wpmem_forgot_link’, home_url() . ‘/wp-login.php?action=lostpassword’ );

Save and … ??

you can replace it in wp-members-sidebar.php and wp-members-deprecated.php file if you want it work in other area.

[ redacted, support is offered via the forum and not email ]

I have a solution for it ( maybe not good solution but it worked fine for me )

Thanks for your enthusiasm, but you are correct – it’s not a good solution. Making changes directly to the plugin is a bad practice for a number of reasons.

Do you see the “apply_filters” in the line you are referencing? Anytime you see that in WordPress or a plugin, that is a filter hook. That means you can make a custom function to filter this element without making changes to the actual plugin.

You can “hook” into this section of the code with a call to “add_filter“, naming the filter hook (tag) and what function you want to call.

The filter tag is always the first parameter – in this case “wpmem_forgot_link”, which, is a hook placed there for the specific purpose of filtering (changing) the logout link. In this simple filter, there is only one parameter passed and that is the link.

The correct way of handling this would be to place the following in your functions.php file:

/**
 * adds a filter for wpmem_forgot_link,
 * calls the function my_forgot_link
 */
add_filter( 'wpmem_forgot_link', 'my_forgot_link' );

/**
 * this function accepts the one parameter that this filter passes
 * and returns the value that you want.
 */
function my_forgot_link( $link ) {
     return home_url() . '/wp-login.php?action=lostpassword';
}

Now you’ve changed the link without changing the plugin, preventing you from (a) breaking the plugin, and (b) using a method that allows you to upgrade without having to re-hack the plugin (which we all know leads to not upgrading, thus missing out on security updates, leading to a hacked site – and that’s not fun).

This plugin is loaded with filter hooks (and action hooks) so it is very customizable. The plugin’s support site has a full list of hooks in the plugin and associated documention.

yes. Its good! Thanks for your reply. I can understand more about filter hook ?? ( I’m a designer so i can’t coding good ) Hope this option will have in next version.

Rgds,
Minh Thong.

moved