Password changed while editing a user

  • Resolved regnalf

    (@regnalf)


    3 years, 9 months ago

    I have encountered a problem when editing a user. A WordPress site of mine (WP version 5.6.1) has when saving changes of a user also changed his password although I have not touched the change password button!

    Yes, the site uses plugins that also extend the available fields of a user, but shouldn’t the password change function be protected by the button? I mean in no case should be possible to change password without explicit command!

    • This topic was modified 3 years, 9 months ago by regnalf.
Viewing 3 replies - 1 through 3 (of 3 total)
  • Moderator Steven Stern (sterndata)

    (@sterndata)

    Volunteer Forum Moderator

    That’s not default behavior, so it’s most likely a plugin thing.

    Please attempt to disable all plugins, and use one of the default (Twenty*) themes. If the problem goes away, enable them one by one to identify the source of your troubles.

    Also check that your browser isn’t auto-filling the password field.

    Thread Starter regnalf

    (@regnalf)

    It looks like I have found the culprit.

    The plugin is called “Download Manger” from W3 eden. The password is changed depending on whether the plugin is active or not.
    Strange is only that the plugin should not actually intervene in user management!

    However, this will now have to explain the guys from W3 eden!

    Thread Starter regnalf

    (@regnalf)

    Update, after getting help from a dev, it seems that the evil guy is the chrome browser itself!!!

    Even if the password auto-filling feature was disabled, the password itself was filled in the hidden fields. Even during normal login the fields were filled in, no matter what is set!

    So Goodby Google Chrome Password Manager, hello KexPassXC.

Viewing 3 replies - 1 through 3 (of 3 total)
  • The topic ‘Password changed while editing a user’ is closed to new replies.