[wp-hackers] On overly-obscure passwords

Demetris kikizas at gmail.com
Wed May 5 18:16:12 UTC 2010

On Wed, May 5, 2010 at 7:54 PM, Peter Westwood
<peter.westwood at ftwr.co.uk> wrote:
> On 5 May 2010, at 10:53, John Blackbourn wrote:
> The important thing is to have a good secure option that is easy to use.
> If the users are struggling with the current solution is it really the character set used or maybe it is more around the wording in the email or the process steps.
If I were to fix one thing in that process, it would be the messages.

For example, the first e-mail now is this:

Someone has asked to reset the password for the following site and username.


Username: admin

To reset your password visit the following address, otherwise just
ignore this email and nothing will happen.


I would start by changing the above to something like:

Someone requested a new password for the following site and username.

Site: http://example.com/

Username: admin

Once you visit the following address, WordPress will generate a new
random password and e-mail it to you:


If you ignore this email, nothing will happen.



More information about the wp-hackers mailing list