Prevent Password change users still changing passwords

  • Resolved Colleen

    (@lifebuffet)


    5 years, 8 months ago

    Hi there

    My client manually creates a user account for their non-public site. They allocate a password and click the “Prevent Password change” box on the new user account profile.

    However, they are still get notice of a couple of their users changing the password? How does this happen when they’ve also prevented users from accessing their profiles?

Viewing 3 replies - 1 through 3 (of 3 total)
  • Plugin Contributor Alessandro Tesoro

    (@alessandrotesoro)

    Hi @lifebuffet

    They could be resetting it trough wp-login.php or anywhere else on your site that might link to wp-login.php.

    When you disable password reset, it’s only disabled when the user tries to change it from within the account form.

    Thread Starter Colleen

    (@lifebuffet)

    Hi @alessandrotesoro

    Thank you for your prompt response, and apologies for my delay.

    Thank you for the explanation. I am a bit confused because to my understanding I have ticked all the boxes for preventing the users to access their profiles / accounts. I also have a different url for wp-login set for security, so they shouldn’t be able to access that either?

    I’ll double check everything though.

    Plugin Contributor Alessandro Tesoro

    (@alessandrotesoro)

    Hi @lifebuffet

    Unfortunately there’s not much else I can do/know about what could be happening on your site. The locking is only enabled for the form within the account page “password” section.

Viewing 3 replies - 1 through 3 (of 3 total)
  • The topic ‘Prevent Password change users still changing passwords’ is closed to new replies.