when a users clicks the forgot password link on the login page, they are sent a password reset link via email, on clicking this link the user can then change their password to a weak password. A strong password is not enforced. Any ideas? I’m going to have a look at the code.
- The topic ‘[Plugin: Force Strong Passwords] forgot password still allows weak passwords’ is closed to new replies.