[wp-hackers] On overly-obscure passwords

Demetris kikizas at gmail.com
Wed May 5 18:16:12 UTC 2010


On Wed, May 5, 2010 at 7:54 PM, Peter Westwood
<peter.westwood at ftwr.co.uk> wrote:
>
> On 5 May 2010, at 10:53, John Blackbourn wrote:
>
>> SNIP
>
> The important thing is to have a good secure option that is easy to use.
>
> If the users are struggling with the current solution is it really the character set used or maybe it is more around the wording in the email or the process steps.
>
> SNIP
>
If I were to fix one thing in that process, it would be the messages.

For example, the first e-mail now is this:

Someone has asked to reset the password for the following site and username.

http://example.com

Username: admin

To reset your password visit the following address, otherwise just
ignore this email and nothing will happen.

http://example.com/wp-login.php?blah-blah-blah

I would start by changing the above to something like:

Someone requested a new password for the following site and username.

Site: http://example.com/

Username: admin

Once you visit the following address, WordPress will generate a new
random password and e-mail it to you:

http://example.com/wp-login.php?blah-blah-blah

If you ignore this email, nothing will happen.

Cheers,

Demetris
http://op111.net/


More information about the wp-hackers mailing list