How to allow weak passwords

  • Resolved mhartste

    (@mhartste)


    6 years, 4 months ago

    Hi Jeff –

    I think this is a TML issue ???

    When one of my members wants to change their password on the /your-profile/ page they are shown a password strength indicator, and if their password is weak they can tick a checkbox to “Confirm Use of Weak Password”.

    Likewise, an administrator can set a user password at /wp-admin/profile.php and “Confirm Use of Weak Password”.

    But if a user forgets their password and gets a link to reset it on page /login/?action=rp, they are shown the password strength indicator but they cannot change their password until the password strength is at level Medium or higher.

    Is there a way to allow the users to “Confirm Use of Weak Password” on the reset password page, like the other pages?

    And thanks for your consistently prompt replies!

    Mike

    The page I need help with: [log in to see the link]

Viewing 8 replies - 1 through 8 (of 8 total)
  • Plugin Author Jeff Farthing

    (@jfarthing84)

    6 years, 4 months ago

    Another plugin is likely causing this.

    gosupernova

    (@gosupernova)

    6 years, 4 months ago

    I believe this is part of WordPress itself in a push to improve security

    morrelmi

    (@morrelmi)

    6 years, 4 months ago

    I am experiencing the same issue, please tell me if you get this resolved!

    puregraphx

    (@puregraphx)

    6 years, 4 months ago

    Same issue here.
    Default wp-login.php?action=rp shows the “Confirm Use of Weak Password” checkbox, but the TML /resetpass/ does not.

    I have also noticed that page does not load that autogenerated /wp-admin/load-styles.php file so TML shows 2 input fields instead of 1.

    Thread Starter mhartste

    (@mhartste)

    6 years, 3 months ago

    This is fixed in TML Version 6.4.10. When a user provides a new password on the Lost Password page they now have a checkbox to allow a weak password.

    Thanks, Jeff!

    puregraphx

    (@puregraphx)

    6 years, 3 months ago

    @mharste indeed, the checkbox is now visible in the latest version, however, the weak password is still not accepted.
    When I use 123 and check weak password, the page seems to refresh, but the new password is not accepted.
    step 1 http://prntscr.com/i5x6xl step 2 http://prntscr.com/i5x7hz

    Plugin Author Jeff Farthing

    (@jfarthing84)

    6 years, 3 months ago

    Do you have any other plugins that could be requiring a stronger password?

    puregraphx

    (@puregraphx)

    6 years, 2 months ago

    iThemes Security required strong password for Subscriber and up. We have disabled it in their plugin, weak pwd from TML is now accepted.

Viewing 8 replies - 1 through 8 (of 8 total)
  • The topic ‘How to allow weak passwords’ is closed to new replies.