User password reset not working after hacking

  • Resolved flojnel

    (@flojnel)


    9 years, 8 months ago

    One of my clients’ sites was recently hacked. Had Sucuri clean it up and asked users to reset their passwords. One of my clients can no longer get in. I’ve cleared the database of all entries related to him, have reset his password, added his IP to the whitelist, and have put up a clean copy of the plugin. Nothing has worked.

    He did make multiple attempts to get in. I have the shared Brute Force protection enabled. Could he be blocked on some external list? If so, how could we change that?

    As far as I know, others are not having this issue – I’m not experiencing it. I tested another username/email combo I use for testing and at first couldn’t get in. After I put up a fresh copy of the plugin, I was able to get in.

    Any other ideas about what the problem could be?

    https://www.ads-software.com/plugins/better-wp-security/

Viewing 1 replies (of 1 total)
  • Thread Starter flojnel

    (@flojnel)

    Fixed. I had the item to force users to use a different nickname checked. It’s supposed to not apply to current users, but something in the process of clearing up the hacking (redoing the salts, I’m guessing), made all users new. I had to disable that feature to get it working.

Viewing 1 replies (of 1 total)
  • The topic ‘User password reset not working after hacking’ is closed to new replies.