[wp-trac] [WordPress Trac] #60529: Filter to disable "password reset"
WordPress Trac
noreply at wordpress.org
Tue Feb 13 16:58:45 UTC 2024
#60529: Filter to disable "password reset"
------------------------------------+-----------------------------
Reporter: ttodua | Owner: (none)
Type: defect (bug) | Status: new
Priority: normal | Milestone: Awaiting Review
Component: Login and Registration | Version:
Severity: normal | Keywords:
Focuses: |
------------------------------------+-----------------------------
there is existing filter `allow_password_reset` which doesn't work as it
might sound..
For example, setting that filter to `false` still allows the "wp-
login.php?action=lostpassword" url continue to work.
Many people today uses 3rd party authorizations (Google sign in, facebook,
etc etc) and want to have disabled internal registration/password reset
forms.
It will be good to have a filter to disable "Lost password" capability
completely.
(Also, I assumed that if users are allowed to be registered on site, then
it doesn't have any point to have "Lost password" disabled, so, the check
includes whether "registration is disabled".)
--
Ticket URL: <https://core.trac.wordpress.org/ticket/60529>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list