are already logged in users redirected when password expires

  • Resolved pronl

    (@pronl)


    8 years, 1 month ago

    Hi Frankie,

    Just a short question.
    Are already logged in users (on page refresh) redirected to the password reset screen when their passwords expire ?

    On github I noticed this quote:

    Users with expired passwords are redirected to the password reset screen upon sign in.

Viewing 1 replies (of 1 total)
  • Plugin Author Frankie Jarrett

    (@fjarrett)

    Hi @pronl.

    No, this plugin does not destroy user sessions. It only runs when users are logging in, checking to see if their password is too old and should be reset.

    By default, WordPress will keep users logged in for 12 hours. But if they click “Remember me” on the login screen, this is increased to 14 days.

    I’d recommend using the auth_cookie_expiration filter if you want user sessions to be shorter and require them to log back in on page refresh.

Viewing 1 replies (of 1 total)
  • The topic ‘are already logged in users redirected when password expires’ is closed to new replies.