Fair.
However, I’ve set up my site so that only people who have purchased a product are the ones that will have a new user role created. All other avenues have been disabled/redirected.
Furthermore, any new user that’s created is only a “subscriber” which inherently won’t have the ability to do much on my site in a malicious way.
However, if I’m wrong in the above, please feel free to educate me. But I’ve taken some good measures to be sure that only ppl who have bought something will be created as a new user.
Yes, I know worst case scenario, someone buys something, then they share their username and generic password with a bunch of people, but I feel this is pretty unlikely. EVEN IF this were to happen there’s options for disabling multiple logins from the same user acct.
About your suggestion of pasting the password into the password field… Im actually looking for a way that a standard/generic password will be automatically created by WP so that when the standard WP email is sent to the new user, it has that set password.
Open to ideas/help on the matter.
Thanks again!
