• I need to be able to customize the text that shows up when a user tries to reset their password. It’s a pretty significant security issue that the message says something like “That username is not recognised.” or “An email has been sent. Please check your inbox.” since it allows potential attackers to enumerate accounts.

    Can we either get the ability to edit the text that shows up, or it would also work if y’all could update it to something like “An email has been sent to the account if one exists.”

Viewing 2 replies - 1 through 2 (of 2 total)
  • Thread Starter sbeaney

    (@sbeaney)

    It would also be nice if we could specify the security beyond the 8 character minimum. Enforcing strong passwords would be ideal (upper, lower, numeric, special).

    Plugin Author Wp Enhanced

    (@wpenhanced)

    Hi there ?? Sorry for the delay

    1. Not sure what you mean here, why would the text be a security issue? You get an error message right when there is a problem resetting?
    2. Noted – added to dev list
Viewing 2 replies - 1 through 2 (of 2 total)
  • The topic ‘No way to customize notice text’ is closed to new replies.