WordPress.org

Ready to get started?Download WordPress

Forums

How to get the password and username of the add new user form (admin back end) (3 posts)

  1. alhoseany
    Member
    Posted 1 year ago #

    I am trying to get the username and password that entered by the wordpress admin in the add new user screen to use those into creating a webmail account using cpanel api.

    How to do that? is there is any hook for it?

    Also, When the user id changing his password, I want to get the new and old password and use it to change the one for the webmail account.

  2. bcworkz
    Member
    Posted 1 year ago #

    I'm afraid this is not the best idea, IMO. Mainly because in order to get the old password for the mail account change, you would have to store it as plaintext somewhere. This can be done of course, but it is a breach of the basic trust of keeping user passwords secure.

    Another problem is the backend is short of useful hooks, so doing what you suggest could very likely involve core hacks. never a good idea. Also how do you handle the mail account if the user forgets their password? Easy enough to reset the WP password, but the old plaintext password does not (or should not) exist anywhere.

    To get around the lack of hooks and core hacks, you could build your own new user form to handle the mail signups, and even the password changes could be handled similarly, but depending on how the mail account handles forgotten passwords, this could still prove to be very difficult.

  3. You can't get the password because it is hashed and salted. Which means when a user sets their password WordPress sets an MD5 hash using the Salts stored in wp-config. It is impossible to reverse engineer or get a plain text version.

Topic Closed

This topic has been closed to new replies.

About this Topic