forcing of password change

  • Miroslav Glavić

    (@miroslavglavic)


    9 years, 4 months ago

    So a site that I manage (not multisite) has A LOT of users.

    The site got hacked. Person I left in charge had weak 8 character password.

    I changed ALL users to subscribers (until further notice).

    Is there a way to force users to change their passwords (or the system/site do it for them), for that password to be forced for a mix of lower/upper case characters with special characters included and for me to be able to prevent certain words from being part of that password?

    The latest full backup was 3 weeks old, better something than nothing.

    Is there a way that I can force a reset on passwords if they don’t change it by themselves?

Viewing 1 replies (of 1 total)
  • Moderator James Huff

    (@macmanx)

    Volunteer Moderator

    9 years, 4 months ago

    This sounds like what you need: https://wordpress.org/plugins/wp-password-policy-manager/

    In case your WordPress has been hacked or need to reset all WordPress users’ password you can do so with a single click from the passwords policies configuration. Once you reset all of the WordPress users’ passwords each user will receive an email with a new random generated password. Since the password is sent over email once the WordPress users log in they will be asked to change the password again to ensure maximum security.

Viewing 1 replies (of 1 total)
  • The topic ‘forcing of password change’ is closed to new replies.