Cannot reset password, always “Please verify that you are human”

Update: even when I disable the captcha on Woocommerce Reset Password form, it still complains “Please verify that you are human”.

Note: this happens when “WordPress Reset Password” is enabled, and “Woocommerce Reset Password” is disabled. In this instance, the captcha no longer appears on the form. But when you submit the form, it is still being treated as-if the captcha was active on this form.

• This reply was modified 1 year, 5 months ago by authentico.

Update: I see now that the traditional “Reset Password” form actually just redirects to My Account > Reset Password (created by Woocommerce).

So I tried by disabling “WordPress Reset Password”, and enabled “Woocommerce Reset Password”, and with this configuration it works.

Thanks for the info. It seems to work fine on my end but I will take a look into this.

This plugin actually has a conflict with a very popular plugin called WPS Hide Login. Can you please advise what to do? The WPS plugin basically changes the admin login /wp-admn to a custom login for security.

What was mentioned above about disabling the turnstile from the wordpress reset password and keeping it on with woocommerce works, but I am not sure if that affects security of the site and opens a loophole somehow?

Thanks

• This reply was modified 1 year, 3 months ago by boldproducts.

That’s strange. I use Simple Cloudflare Turnstile with WPS Hide Login on several sites without any problems.

Did you test it with resetting password etc?

What was mentioned above about disabling the turnstile from the wordpress reset password and keeping it on with woocommerce works, but I am not sure if that affects security of the site and opens a loophole somehow?

@boldproducts, We encountered the same issue and realized that it was not caused by the plugin or Woocommerce itself, but rather because we had changed the default login URL using a plugin.

We resolved this problem by customizing the default “password reset” email template and modifying it to use our custom login URL into it.

You can test this fix by adding the following code to your functions page:

// Override the password reset email URL add_filter( 'retrieve_password_message', 'custom_password_reset_url', 10, 4 ); function custom_password_reset_url( $message, $key, $user_login, $user_data ) { // Replace the default reset URL with your custom login URL $reset_url = site_url('/your-custom-login-page?action=rp&key=' . $key . '&login=' . rawurlencode($user_login)); // Customize the email message $message = __('Someone has requested a password reset for the following account:', 'your-text-domain') . "\r\n\r\n"; $message .= sprintf(__('Username: %s', 'your-text-domain'), $user_login) . "\r\n\r\n"; $message .= __('If this was a mistake, ignore this email and nothing will happen.', 'your-text-domain') . "\r\n\r\n"; $message .= sprintf(__('To reset your password, visit the following address: %s', 'your-text-domain'), $reset_url) . "\r\n\r\n"; return $message; }

Replace “your-custom-login-page” with your custom login URL and “your-text-domain” with your domain name.

Hope this helps.

Cheers, Han.