[wp-trac] [WordPress Trac] #35255: Password Reset URL doesn't include period '.' character in username
WordPress Trac
noreply at wordpress.org
Tue Dec 29 19:21:51 UTC 2015
#35255: Password Reset URL doesn't include period '.' character in username
----------------------------+-----------------------------
Reporter: HaveAnEpiphany | Owner:
Type: defect (bug) | Status: new
Priority: normal | Milestone: Awaiting Review
Component: Users | Version: trunk
Severity: normal | Keywords:
Focuses: administration |
----------------------------+-----------------------------
This one is unexpected, because I don't usually use punctuation in
usernames, but I just was assigned a user account by a friend of mine on a
site he controls.
When the "Your username and password info" email arrived, I clicked the
link to set my password, and received the `Your password reset link
appears to be invalid. Please request a new link below.` error.
Requesting a new password via email resulted in the password email
arriving, and when I clicked the link in it, I received the same error.
On closer inspection, my username contained a `.` (period) character. In
fact, it was the final character in the username.
When I looked at the URLs in the two emails I received, I noticed that the
final character (the `.` or period) was stripped from the password reset
link, which invalidated it.
I was able to reset my password by copying and pasting the link, then
adding the `.` character to the end before continuing.
--
Ticket URL: <https://core.trac.wordpress.org/ticket/35255>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list