New User Name and Password By EMAIL???

  • I just installed WP via a one-click system at a major hosting company. Shortly after the registration was finished, I received an email with my WP user name and password in it.

    At first I blamed the hosting company and their one-click installation, but their support tells me that that email comes from WP directly!

    Come on guys, I have enough problems with security on WP sites already. I do not need somebody peeking into my mail box and having a day zero break-in on my brand new website! With my luck, they can get in faster than I can change the user!

    please stop sending user name and password by email, and particularly in the same email!!!

Viewing 2 replies - 1 through 2 (of 2 total)
  • Moderator Samuel Wood (Otto)

    (@otto42)

    www.ads-software.com Admin

    If you have somebody with access to your email, then you’re already hacked. They can just use the reset password mechanism to change your password whenever they want.

    Moderator Samuel Wood (Otto)

    (@otto42)

    www.ads-software.com Admin

    That said, there are improvements coming to the password generation and reset process which are currently being discussed for possible inclusion in 4.3. More information on this topic is here:

    The Plan for Passwords

Viewing 2 replies - 1 through 2 (of 2 total)
  • The topic ‘New User Name and Password By EMAIL???’ is closed to new replies.