[wp-trac] [WordPress Trac] #28168: Registration process is dated
WordPress Trac
noreply at wordpress.org
Wed May 7 18:33:06 UTC 2014
#28168: Registration process is dated
------------------------------------+-----------------------------
Reporter: AdamCapriola | Owner:
Type: enhancement | Status: new
Priority: normal | Milestone: Awaiting Review
Component: Login and Registration | Version: 3.9
Severity: normal | Keywords:
Focuses: |
------------------------------------+-----------------------------
I think the current new user registration process for WordPress is dated.
Most websites these days (including WordPress.com) require the user to
input a username, email, and password, then make the user the activate
their account via a link in a confirmation email. Presumably it is a
security flaw to email a user their password, which is what WordPress
currently does. (During a forgot password request, WordPress does send a
unique link to change it though, rather than email the user the password
itself, which is good.)
This workflow would also help alleviate the issue of spam accounts
registering on WordPress sites, because the accounts could be made invalid
until the activation links are clicked. If I enable registration on even
my website that gets little traffic, I'll have spam registrations piling
up within minutes.
--
Ticket URL: <https://core.trac.wordpress.org/ticket/28168>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list