User password reset not working after hacking | WordPress.org

Resolved flojnel
(@flojnel)

9 years ago

One of my clients’ sites was recently hacked. Had Sucuri clean it up and asked users to reset their passwords. One of my clients can no longer get in. I’ve cleared the database of all entries related to him, have reset his password, added his IP to the whitelist, and have put up a clean copy of the plugin. Nothing has worked.

He did make multiple attempts to get in. I have the shared Brute Force protection enabled. Could he be blocked on some external list? If so, how could we change that?

As far as I know, others are not having this issue – I’m not experiencing it. I tested another username/email combo I use for testing and at first couldn’t get in. After I put up a fresh copy of the plugin, I was able to get in.

Any other ideas about what the problem could be?

https://wordpress.org/plugins/better-wp-security/

Viewing 1 replies (of 1 total)

Thread Starter flojnel
(@flojnel)

9 years ago

Fixed. I had the item to force users to use a different nickname checked. It’s supposed to not apply to current users, but something in the process of clearing up the hacking (redoing the salts, I’m guessing), made all users new. I had to disable that feature to get it working.

Viewing 1 replies (of 1 total)

The topic ‘User password reset not working after hacking’ is closed to new replies.

Tags

In: Plugins
1 reply
1 participant
Last reply from: flojnel
Last activity: 9 years ago
Status: resolved