Support » Requests and Feedback » Post via e-mail Password Strength not compatible with cPanel requirements

  • Resolved MKSnMKS

    (@mksnmks)


    The Post via e-mail function generates three random passwords.
    It seems that one of these must be chosen, so as to confirm that the user of the email, is the owner of the website.
    However, the function does not allow the website owner to have any control over the random generated password.
    cPanel measures the strength of the passwords, and does not allow passwords that are weak (which is a very good plan).
    The passwords that are generated by this function do not meet cPanel email management’s standard of security.

    Suggestions;
    1) allow the user to specify the numbers of characters
    2) allow the user to choose whether less conventional characters or symbols can be used.
    3) in any case, allow the generation of much stronger passwords, and possibly allow the user to choose a minimum strength of generated password.
    4) allow the user to make use of their own chosen password.

Viewing 6 replies - 1 through 6 (of 6 total)
  • Moderator Samuel Wood (Otto)

    (@otto42)

    WordPress.org Admin

    4) allow the user to make use of their own chosen password.

    That’s exactly what WordPress does.

    On that screen, you can type in any password you like, as strong or as weak as you like.

    Those are just three random strings, they change every time you load the page. They’re not stored or saved in any way, and you don’t need to use them specifically.

    Thank you for responding to this topic.
    But the issue is not resolved.
    I had originally assumed as you describe, but it did not make an update from the email address, when I tried the password that I had set up with the email account. Nor did it do it with the generated password.

    Please can you let me know how to get this to work?

    And the suggestions for options for the generation of a strong random password are encouraged.

    Thank you for your help in advance.

    Moderator Samuel Wood (Otto)

    (@otto42)

    WordPress.org Admin

    The WordPress post-by-email feature is not automated, and considered deprecated. It may be removed in a future WordPress release.

    If you wish to use it, then you can configure it as you have found. You then need to set up a “cron job” or some other automated way to run the wp-mail.php file on a regular basis. Running the wp-mail.php file in the WordPress root directory will cause it to check for emails using the information you give it, and create new posts using those emails.

    All emails in that account will be posted, so keep the email account you use absolutely secret.

    Alternatively, you could use a plugin to do this in a more controlled manner. Many plugins for post-by-email exist, and given that WordPress will likely remove this functionality, those may be a better alternative.

    Hi Samuel Wood (Otto) (@otto42),

    Thanks for the info.
    I assumed the system automatically grabbed the emails and added them to the page, and had not realised that I needed to set up a chron job on the server.

    I assumed that if any additional action was required by the user, then the plugin would have informed me somehow (e.g. message, or steps in setup).

    As it is, I had already looked around for other plugins to do the job.

    This seems like a case of “functional” but “not effective usability”.
    It would have been quite a useful function on a blog, in the older days.

    Thank you

    Moderator Samuel Wood (Otto)

    (@otto42)

    WordPress.org Admin

    Yes, it was a useful function, but it was deprecated many versions ago and the functionality of it simply has not been removed yet.

    Like I said, consider using a plugin instead of relying on this old functionality.

    Hi Samuel Wood (Otto)(@otto42),\

    Okay. I will not use it.
    I had installed “Postie” plugin, so will go with that.
    Thanks

Viewing 6 replies - 1 through 6 (of 6 total)
  • You must be logged in to reply to this topic.