I can’t edit one of my users

  • So I recently changed the password for one of my users on my blog and then tried to log in and was rejected. So I hit the button to recover my password and it sends me a new password for my Admin user and not the user I author with.

    Once logged in as the Admin I tried to change the password on this other username and it tells me that the ’email is already registered and to choose another one’.

    Can I seriously not have two users associated with the same email address? Do I just need to put another email address in there to edit the password? Is there any way to look up what the password is currently set to for a given user?

    Thanks,

Viewing 6 replies - 1 through 6 (of 6 total)

  • Can I seriously not have two users associated with the same email address?

    Correct. You need different email addresses for different users.

    Do I just need to put another email address in there to edit the password?

    You need to set up one of your replicated users with a new email address.

    Is there any way to look up what the password is currently set to for a given user?

    No. All passwords are one-way encoded in the database.

    Is there any way to look up what the password is currently set to for a given user?

    I hope not, that would be a serious problem, i’d never register with any WordPress blog if the administrator of that site could decrypt the password (which is the whole point in one way encryption). If someone could decode it, there’d be no point encoding it in the first place.

    I think Esmi has addressed your questions, just wanted to air my thoughts on the password question.

    Thread Starter evandileogmailcom

    (@evandileogmailcom)

    Awesome, thank you both. New emails for my users then it is.

    Thanks!

    Question to t31os: shouldn’t admins be able to make sure that users, who are often not tech-savvy, have created strong passwords? I was thinking about trying to change all passwords periodically and having the new password emailed to each user. But I couldn’t figure out how to get the email generated by WordPress. WP sends only for a New Registration or when the user fills out the Password Lost form.

    If you’re going to enforce strong passwords, your check should be done at the time of password submission, either when registration occurs, when a password is changed, or both.

    Can’t say i’ve looked at any plugins or code relating to password enforcement though, so i can only suggest a search around, google and the forum.

    WordPress creates the first password though, so any weak passwords should only be present as a result of the user specifically changing the password. I’d imagine there’s a possiblity hooks exist for the password retrieval functions, seeing as i’ve not looked i can’t say for sure, but i’d guess that’s where you’d hook onto, probably something do with the update usermeta calls (guessing).

    thanks, t31os. Sean Barton wrote a plugin which I’m going to test. https://www.sean-barton.co.uk/2010/05/sb-password-expiry/

Viewing 6 replies - 1 through 6 (of 6 total)
  • The topic ‘I can’t edit one of my users’ is closed to new replies.