[wp-trac] [WordPress Trac] #33759: An admin changing an email/password should not generate a notification

WordPress Trac noreply at wordpress.org
Mon Sep 7 05:01:07 UTC 2015


#33759: An admin changing an email/password should not generate a notification
--------------------------+-----------------------------
 Reporter:  smerriman     |      Owner:
     Type:  defect (bug)  |     Status:  new
 Priority:  normal        |  Milestone:  Awaiting Review
Component:  Users         |    Version:  4.3
 Severity:  normal        |   Keywords:
  Focuses:                |
--------------------------+-----------------------------
 Branched off from #33504 as requested.

 In 4.3, email notifications are now sent to a user whenever their email or
 password is changed. The reasoning behind this was solely from a security
 perspective:

 ''so if someone hijacks your browser session and changes these items,
 you’ll be notified that it happened, and you can take action.''

 If the person changing the email/password is an admin, this notification
 does not provide any security benefits or useful information - all it does
 is mislead/confuse the user.

 It does not provide security benefits because an admin has full control of
 the site and rights to do whatever they want - they could delete every
 user account on the site and create their own if they wanted to.

 It is misleading/confusing because the notification implies this should
 only be happening if they changed the information themselves: ''If you did
 not change your password, please contact the Site Administrator''.

 A common use-case where an admin is changing the password of a user occurs
 after a WordPress import - you are prompted to change all imported users'
 passwords. Other than editing site code to add filters, you can no longer
 do so without everyone getting an email they won't understand - even if
 you are setting their passwords to the same as their originals.

 For these reasons, I suggest altering the code to not send these
 notifications if the change of email/password was instigated by someone
 with admin rights.

--
Ticket URL: <https://core.trac.wordpress.org/ticket/33759>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
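The "add filters" route the ticket mentions, written out as an added example. This is not the reporter's code and not WordPress Core's; it is a must-use plugin that implements the ticket's proposal on top of the two filters Core runs inside wp_update_user() from 4.3, send_password_change_email and send_email_change_email, each receiving ($send, $user, $userdata) where $user is the original user record and $userdata the updated fields. The example_ function names are mine. It keeps the notification when a user edits their own account (the session-hijack case the 4.3 change was added for) and drops it only when a different user who can edit the target account makes the change.

```php
<?php
/**
 * Plugin Name: Suppress change notifications for admin-initiated edits
 *
 * Added example, not code from the ticket or from WordPress Core. Save it as
 * wp-content/mu-plugins/suppress-admin-change-emails.php. It assumes the two
 * filters WordPress 4.3 applies in wp_update_user():
 *   send_password_change_email( $send, $user, $userdata )
 *   send_email_change_email( $send, $user, $userdata )
 * where $user is the original user record and $userdata the new field values.
 */

/**
 * Decide whether this change is being made by someone else on the user's behalf.
 *
 * @param array|WP_User $user Original user record as passed by the filter.
 * @return bool True when the notification should be suppressed.
 */
function example_is_admin_editing_other_user( $user ) {
    // Core passes the original record as an array; accept a WP_User object too.
    $target_id = is_object( $user ) ? (int) $user->ID : (int) $user['ID'];
    $actor_id  = get_current_user_id();

    // No logged-in actor (WP-CLI, cron, an unauthenticated request): keep
    // Core's default behaviour rather than guessing who made the change.
    if ( 0 === $actor_id ) {
        return false;
    }

    // A user changing their own password or email keeps the notification.
    // A hijacked session acts as that same user, so this is the case the
    // 4.3 emails exist to catch.
    if ( $actor_id === $target_id ) {
        return false;
    }

    // Use a capability check, not is_admin(): is_admin() only reports that a
    // wp-admin screen is being rendered and says nothing about who is logged in.
    // 'edit_user' is the meta capability Core checks before letting one account
    // edit another, so a subscriber hitting this path cannot silence the email.
    return current_user_can( 'edit_user', $target_id );
}

/**
 * Shared callback for both notification filters.
 *
 * @param bool          $send     Whether Core intends to send the email.
 * @param array|WP_User $user     Original user record.
 * @param array         $userdata Updated fields passed to wp_update_user() (unused here).
 * @return bool
 */
function example_suppress_admin_change_email( $send, $user, $userdata ) {
    if ( $send && example_is_admin_editing_other_user( $user ) ) {
        return false;
    }
    return $send;
}

add_filter( 'send_password_change_email', 'example_suppress_admin_change_email', 10, 3 );
add_filter( 'send_email_change_email',    'example_suppress_admin_change_email', 10, 3 );
```

Two points worth weighing before deploying this. It changes only the emails sent to the edited user; the separate notification some sites send to the administrator on password resets is untouched. And it is a policy choice: with it in place, an attacker holding an administrator's session, or a rogue administrator, can rotate another account's password or email without that account ever hearing about it, so sites that rely on the 4.3 emails as an audit signal may prefer to leave them on and instead reword the template for the admin-initiated case.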

