Emergency Password Reset

Description

This plugin allows an admin user to reset all the passwords and automatically email out the link to reset
You can also change a username from the dangerous “admin” to something less of a target
Lastly you can logout everyone out by updating the SALTs

Screenshots

  • The main and only screen!

Installation

  1. Upload the emergency-password-reset directory to the /wp-content/plugins/ directory.
  2. Activate the plugin through the ‘Plugins’ menu in WordPress.
  3. Click on Emergency Password Reset in the Users menu
  4. Click on the ‘Reset Passwords’ button

FAQ

How does it work?

When you click rest passwords, the plugin recreates random passwords for every user and emails them the reset password link.

Will I be secure now from a hack?

Not necessarily. We advise you change your SALTS in the wp-config.php file which will force logouts for all users. WordPress provide a tool to generate new ones.
You can now reset them automatically from the plugin Dashboard>Settings>Reset SALTs
Check out our blog post on hacked WordPress sites

Reviews

April 15, 2021
Or, if it crashes, some. I'd rate it higher if you could reset passwords for only a group at a time, instead of literally every single account that has ever been made on your website. That's sending over 2000 (useless) emails for companies using things like woocommerce!
January 24, 2019
As we all know our members may get lazy with maintaining (updating) their passwords. This really is a nice simple way of resetting everyone's password. I have about 100 user accounts and all of my members were able to quickly and easily change their password. The Password Reset Link they receive in their email is really great! One of the other benefits of this plugin is it quickly helps you identify user accounts with defunct email addresses. I simply deleted these accounts thereby forcing users with outdated email accounts to re-register. A couple of suggestions: #1. Reset All Passwords in the morning. This gives users enough time to reset their passwords before the link expires. #2. When installing the plugin, add the following css code to your Customizer's Custom CSS. This will nudge your users to choose strong passwords. Note - install this css code before resetting all passwords. .pw-weak { display: none !important; } I will use this plugin to force all of my members to change their passwords on an annual basis. Great job Andy!
February 24, 2017
This plugin does what it says on the tin. Works with multisite. Simply run it from the main blog in the network. Then delete it. Gotcha: it runs thorugh all users in a single request, so it may time out if your network has more than, say, 500 users.. Depending on your server env, you may not even see an error page, so you won't know which users were processed and which ones are pending.
February 21, 2017
This does what it says on the tin, and for that I am grateful! However, if you have iThemes Security installed, with the 'hide backend' feature, you will want to turn that feature off before resetting the passwords. Or you will find yourself unable to use the reset link that gets sent in the email.
Read all 9 reviews

Contributors & Developers

“Emergency Password Reset” is open source software. The following people have contributed to this plugin.

Contributors

Changelog

6.2

  • Translation ready

6.1

  • New username when changing from “admin” properly sanitized.

6.0

  • Don’t allow a user to reset admin username to empty field!

5.0

  • Added WordPress reset “salt keys” to secure your site – Dashboard>Settings>Reset SALTs

4.0

  • Updated deprecated functions

3.0

  • Updated reset link

2.0

  • Password reset link sent

1.0

  • Sends link to reset password page rather than new password

0.5

  • Form to change username from “admin”

0.4

  • Shows WP 4.0 compatability

0.3

  • Add Screenshot

0.2

  • Correct the title in readme.txt!

0.1

  • Initial release