Support » Plugins » Hacks » Why does WP automatically generates passwords on registration?

Viewing 1 replies (of 1 total)
  • Ok so this is an interesting one.

    If you have a solution to make it happen thats great, lets think it through so we can be certain of security.

    So long as you use a method for enforcing strong passwords, users can create their own passwords and you know they will be up to standard. So no there’s no security issue here, in fact it may be more secure to ask users to choose a password (so long as a reasonable strength is enforced), that way its not emailed over a non-secure connection and it wont be visible in a plain text email somewhere.

    Alternatively you may want to consider forcing users to change their password when they login. I am only guessing, but i bet your client would prefer the user to choose their own password so that they are more likely to remember it, remind them that there is a reset password button on the login screen for users, and you can also use other things like a Facebook or WordPress single sign in plugin to eliminate usernames and passwords all together and still maintain security.

    also using a plugin i like to give my users the option of signing in with their email or username that way they don’t have to remember the username, and if they reallly want they can sign up using their email password, that way their login will be easy to remember because they can now login with their email and email password.

Viewing 1 replies (of 1 total)
  • The topic ‘Why does WP automatically generates passwords on registration?’ is closed to new replies.