Newbie Admin Locked Out--Lost Password & Can't Get New One (5 posts)

  1. Sujiwan
    Posted 2 years ago #

    This is really embarrassing; I've been blogging regularly for 6 months, took a blogging hiatus for 3 weeks and suddenly I cannot remember my admin password. Nothing I've tried works and I'm darned if I can find where I wrote it down. My fingers don't seem to have any keyboard memory. So idiotic.

    When I use the "Forgot Password" option, I receive an e-mail from
    my site's login.php and a generated key to my username which won't hotlink. Pasting it into the browser brings up "Sorry that key does not appear to be valid".

    So, I'm stuck with this circular response going nowhere. I use Hostgator for my site written on Magazine Basic. I'm locked out of my blog as admin, so what can I do?

  2. Andrew Nevins
    Forum moderator
    Posted 2 years ago #

  3. Sujiwan
    Posted 2 years ago #

    I'm on a Mac OSX, but honestly get panic attacks when it comes to fiddling about with coding much less understanding what I am doing in that realm. I will ask my spouse, who does, to look at that portion of the link you sent. I will report on whether that leads to a fix. Thank you kindly for the prompt response to my query.
    Still miffed at self.

  4. Andrew Nevins
    Forum moderator
    Posted 2 years ago #

  5. Sujiwan
    Posted 2 years ago #

    Reporting back.
    My husband was able to log in under my username on his machine and a proper e-mail was generated, which came to my inbox, allowing me to reset my password, although I had to go through a few additional steps with cut and paste, etc. to complete the process.
    So, I am back as Admin with a working password.

    However, the problem still exists for me using this OSX laptop and for others who lose their password and get the invalid key message. They can't get in.

    Explanation and code below is what my DH noted and what we need to figure out to fix the problem with Forgot Password :

    After following the link, setting and confirming the new password, we get the following page (leaving out the extraneous <head/> stuff).


    <body class="login login-action-resetpass wp-core-ui">
    <div id="login">
    <h1>Carroll Garden Club</h1>
    <p class="message reset-pass">Your password has been reset. Log in</p>
    <p id="backtoblog">← Back to Carroll Garden Club</p>


    <link rel='stylesheet' id='wp-publication-archive-frontend-css' href='http://carrollgardenclub.org/wp-content/plugins/wp-publication-archive/includes/front-end.css?ver=3' type='text/css' media='all' />
    <script type='text/javascript' src='http://carrollgardenclub.org/wp-content/plugins/sem-subscribe-me/js/scripts.js?ver=20090906'></script>
    <div class="clear"></div>

    Note that the value of the href attribute is "". This is supposed to be "http://hostname/wp-login.php". Why it works on my husband's site, and not mine, we don't understand. He suspects apply_filters().

    The faulty link seems to be coming from the following line of code.

    login_header( __( 'Password Reset' ), '<p class="message reset-pass">' . __( 'Your password has been reset.' ) . ' ' . __( 'Log in' ) . '</p>' );

    This comes from the following code block in wp-login.php.

    case 'resetpass' :
    case 'rp' :
    $user = check_password_reset_key($_GET['key'], $_GET['login']);

    if ( is_wp_error($user) ) {
    wp_redirect( site_url('wp-login.php?action=lostpassword&error=invalidkey') );

    $errors = new WP_Error();

    if ( isset($_POST['pass1']) && $_POST['pass1'] != $_POST['pass2'] )
    $errors->add( 'password_reset_mismatch', __( 'The passwords do not match.' ) );

    do_action( 'validate_password_reset', $errors, $user );

    if ( ( ! $errors->get_error_code() ) && isset( $_POST['pass1'] ) && !empty( $_POST['pass1'] ) ) {
    reset_password($user, $_POST['pass1']);
    login_header( __( 'Password Reset' ), '<p class="message reset-pass">' . __( 'Your password has been reset.' ) . ' ' . __( 'Log in' ) . '</p>' );


    login_header(__('Reset Password'), '<p class="message reset-pass">' . __('Enter your new password below.') . '</p>', $errors );


Topic Closed

This topic has been closed to new replies.

About this Topic