20 july to today how many days countdown,Superph app for pc.REGISTER NOW GET FREE 888 PESOS REWARDS!

Reply To: Is WordPress sent forgot password key like activation key

bcworkz — Thu, 08 Nov 2018 02:24:00 +0000

Yes, it’s the same. If you look at the activation link, it contains action=rp query string. This is the same as password reset. On the wp-login.php page (line 627), case 'resetpass' : and case 'rp' : execute the exact same code.

TBH, your scheme sounds like security theater to me. I don’t see how you gain any real extra security. What shortcoming are you trying to address? OTOH, if your scheme makes you or your users feel more secure, it’s worth something. It’s your site, you can do as you please with it. It doesn’t matter what I think.

Reply To: Is WordPress sent forgot password key like activation key

Anonymous User 16484011 — Thu, 08 Nov 2018 03:59:09 +0000

Hi !

Bcworkz,

Thanks a lot for your subspecies time,

I am beginner of WordPress. So, can you please tell me the same how can I do the same. As you answered I already know the same because I already edit an email template which sends users to only mail which has only an activation key But my problem is when they put that key and after putting that what my system do exactly that I don’t know. I guess 1) Is system redirect the user to set a new password page ? 2) OR System sent users to new password to their registered mail id ?

Thanks

Reply To: Is WordPress sent forgot password key like activation key

bcworkz — Thu, 08 Nov 2018 17:20:17 +0000

The page receiving the user’s key input should redirect to the reset password page so they can input their preferred password. You don’t want to assign passwords for users to use, plus it’s better security to not send passwords via email. The redirect URL needs to include the activation key that was input, basically recreate the initial link sent in the email that you altered. An URL similar to:
httрs://example.com/wp-login.php?action=rp&key={ACTIVATION KEY}&login={USERNAME}