Support » Plugin: WP-Members Membership Plugin » Password not working after user activation.

  • Resolved dchara01

    (@dchara01)



    Hello,

    I have changed my website from normal registration to moderated.
    After I did so, all existing accounts except the admins became deactivated.
    I bulk activated them, but after that their passwords are not working.
    Update: Existing user passwords are working. The problem is with new registrations.
    They have to go through the regular process to reset their passwords and then they can log in.

    I tried with a new registration.
    I have then approved it and when I tried to log in, it keeps returning Login Failed.
    I tried with and without user defined password fields during registration. Neither of them works. If no password field is required during registration, the system will send an auto-generated password to the user, but it won’t work.

    It seems like a serious bug. I currently have all the users of my website unable to login. Most of them, don’t realize that they have to reset their passwords and they keep entering wrong passwords, which results in IP blocks. A real mess… Please help!

    Here’s the website: https://snail-trading.com/register/

    • This topic was modified 1 year, 9 months ago by  dchara01.
    • This topic was modified 1 year, 9 months ago by  dchara01.
Viewing 4 replies - 1 through 4 (of 4 total)
  • Plugin Author Chad Butler

    (@cbutlerjr)

    The insert of the update in your post confuses the issue a little bit. I can’t tell if the paragraphs that follow are part of the original post or after the update. If they are after it doesn’t make a lot of sense since these statements seem to be in conflict.

    Could you tell me the steps through which you changed settings in specific order? When you changed to moderated registration, did you add a password field to the registration form at that time or did that occur later in the process?

    Also, you evidently have additional security plugins installed (“they keep entering wrong passwords, which results in IP blocks.”) – what plugin is that?

    Hello,

    It seems that it was some great conflict of several things.

    I was using non-moderated registration with no password field. Then I enabled the moderated registration and I added a password field.

    The first thing that I noticed was that all of the user accounts on the website became inactive, except the admins. I believe that since they are existing users they should be activated automatically. Anyway. I bulk activated them and the system sent an activation email to all of them, which flooded the mail server.

    Then I got a few requests on chat from existing members saying that their credentials don’t work. Since I am using Wordfence some other security measures kicked in blocking IPs. That’s when I wrote the initial post.

    Then I tried to login with a user account that I have for my own, not the admin, but an author account and I logged in normally. That’s when I edited my original post.

    Then I decided to create a new user account to test. I entered all the details including a password and I registered. I activated the account from the admin panel, I got the account approval mail, which of course didn’t include a password, but when I tried to login the password that I entered during registration didn’t work.

    Then I removed the password field and I registered again. I activated the account, I got the approval mail with a password in it, but again I was unable to login with that password.

    Reseting the password worked in both cases.

    I repeated this process three times and it didn’t work. Then I tried after a few hours and it all worked.

    I am sorry for the misunderstanding… I dont know why that happened, but you can close this thread as solved now. Everything works.

    UPDATE: I identified one problem!

    When the password field exists and the user enters a “Very Weak” or “Weak” password, according to WordPress, the registration process with go smoothly but the user will be unable to login with that password, after account approval.

    I suppose the wp-members plugin makes no such test and accepts every password, but then WordPress does not accept it. I know there’s a checkbox in WordPress settings “Confirm use of weak password”. You will probably have to find out how to enable that pro grammatically.

    Plugin Author Chad Butler

    (@cbutlerjr)

    I suppose the wp-members plugin makes no such test and accepts every password, but then WordPress does not accept it.

    WordPress will accept any password through the plugin. The “confirm use of weak password” does not apply to the process. However, if you have another plugin that forces a user to have a strong password, then it is likely that hooks into the same process WP-Members is using and would interfere with completion of it.

Viewing 4 replies - 1 through 4 (of 4 total)
  • The topic ‘Password not working after user activation.’ is closed to new replies.