I am locked out

  • Resolved Naji Amer

    (@n-for-all)


    6 years, 5 months ago

    This is the third time i get locked out.

    if i login with my password it shows:

    INSECURE PASSWORD: Your login attempt has been blocked because the password you are using exists on lists of passwords leaked in data breaches. Attackers use such lists to break into sites and install malicious code. Please reset your password to reactivate your account. Learn More

    when i try to reset the password, i get an email:

    [Wordfence Alert] www.*** Password recovery attempted

    how do i reset the password if you are blocking the password email and you are blocking the login?

    how do i disable this feature, it seems like also real woocommerce customers are having the same issue and they are not able to login anymore and not able to reset their password either.

    Please let me know how to get rid of this functionality.

    thanks

Viewing 3 replies - 1 through 3 (of 3 total)

  • Hi Naji,

    We don’t block the password reset emails, it’s just an email alert saying that someone has requested a password reset (just a notification). You still should be able to receive the password reset email if you entered a valid user email address. I suggest checking the spam folder, sometimes these emails ends up there. If you didn’t receive the password reset email for some reason, it might be something else in your WordPress setup or the mail setup on the server that you need to investigate.

    The options responsible for that is located at (Wordfence > Firewall > All Firewall Options > Brute Force Protection > Prevent the use of passwords leaked in data breaches).

    Thanks.

    Thread Starter Naji Amer

    (@n-for-all)

    Hi wfalaa,

    Thanks for your reply, i checked my spam and added a email log plugin for WordPress emails, unfortunately there is no trace of the password email, if i disable wordfence, i receive the password email, once i activate it, i only receive the wordfence notification of password recovery attempted.

    i think you should move the password recovery attempted to be sent after the password reset email, just to make sure you don’t get locked out.

    thanks

    Hi @n-for-all,
    We do not send the password recovery emails, they are sent from WordPress core. We also do not interfere with the password recovery emails in any way. It’s possible that there is some PHP error happening which you should be able to find out by checking the PHP error logs on your server.

    Since it’s been a while, I’m not sure if you’ve already resolved the issue or not. If you are still having problems, let us know if you find anything in the PHP error logs.

    Thanks!

Viewing 3 replies - 1 through 3 (of 3 total)
  • The topic ‘I am locked out’ is closed to new replies.