[password] field in confirmation mail

Hi René,

For security reasons, we removed that functionality a long time ago. It will not be coming back. There is no way to automatically include a user’s password in an email.

Thank you for clearing that up!

So I’ve added a user to the list, the system will email this user to tell him/her how to log in.
what should I put in the email for the user?

Thanks!
René

Hi René,

I’m not sure what you mean. You can put whatever you like for the email content. If you still mean for the password, it’s just not a secure practice to have the site owner/admin knowing the password of the site users. Your best bet would be to let people register for themselves on your site.

Well I would like to know the advised way when adding a user by the admin and sending the user a mail with information how to proceed.

Steps
1. Add user on the admin page
2. User is send a mail

So my questions are:
– What should I put in the mail?
– what should the user do?

Is it advised to enter a user with a standard password and let the user reset their password via a link in the mail (2.)?

Thanks, René !

Hi René,

What you put in the content of the email that is sent to a new user is completely up to you. I have no recommendation for that. You can put whatever you want.

If you’re still talking about how to handle the password, then, yes, you can include a link to the page on which you’ve placed the [forgot-password] shortcode, so they can, themselves, initiate a new password request.

Thanks for your answer!

To be clear I’m not asking what I can put in that email.

I wanted to know what workflow you thought of when Etoile programmed the [Add User] functionality (password included) into the admin pages. And how it related to the mail sent, when a user is created that way.
But apparently there is no such workflow. The [add user] button is just a loose functionality not really connected to the rest of the plugin it seems.

I searched everywhere, but couldn’t find documentation on the subject so I hoped to find an answer here.
Too bad. Thanks.

I can’t answer that, unfortunately. The plugin has changed/been updated so much over the last 6/7 years that I can’t speak to what the original workflow theory/philosophy was when it was created. Anyway, I’m not sure how that is relevant.

Do you mean to imply that the there is no value at all for having the functionality to create a user in the admin because there is no way to automatically send people their passwords? Many people use this plugin for many different things, many of which are probably very, very different from how you are/were planning to use it.

Let’s say that, for example, you’ve built a front-end system on your website for employees to have access to information about your business or their jobs. You could easily create an account for them and provide their credentials to them through your already-existing channels of communication.

Or let’s say that you’re running a restaurant and need to have pages specifically locked down for staff.

Or you’re building a fan club to give private access to certain content, but it’s for a user base that might not be technologically savvy, so you want to create the accounts yourself. In that case, you could just automatically have it email people their username and a link to set/reset their password, exactly as we’ve already described.

More important than any of that is it’s just not secure or a good practice to have your admin know the passwords of your users or to send an email with their password in it. I know that I’ve signed up for websites in the past and was quite taken aback to get an email with my password in it, in plain text. It just doesn’t feel (and isn’t) safe, and is the reason we removed the feature a long time ago.

There are so many different ways that you can use our plugin, many of which benefit greatly from having the admin being able to create the user accounts, and none of which would have any benefit from having the admin know the password or having an insecure email with a plain text password in it.

Thanks