Has anyone experienced this before? I got a notification from Wordfence that twice someone from Germany had requested a password change for the above site. I didn’t worry too much as the email comes to me. However, I decided to sign in to make sure all was well, and my password didn’t work! I was able to request a password change and change it to a new password and I scanned it and found some back door trojan and deleted it. But I’m a bit freaked out how they were able to change the password.
I’m glad I was notified and have access to the cpanel if anything had gone wrong and back up all my sites often. I’ve also tried hiding the login section but that didn’t slow anyone down from finding the admin username or the place they were to sign in either.
How could they change the password without getting the email? Everything is up to date apart from the WordPress version, I’ve updated the theme and the plugins, I’m just waiting a week or so before updating WordPress as I have a lot of sites to do and I want to be sure that the plugins have had a chance to update and fix bugs.
Is there another plugin I should be using on all my sites that is priced so I can protect all of my sites?
The page I need help with: [log in to see the link]
- The topic ‘Admin password was changed’ is closed to new replies.