[wp-hackers] On overly-obscure passwords
Demetris
kikizas at gmail.com
Wed May 5 18:16:12 UTC 2010
On Wed, May 5, 2010 at 7:54 PM, Peter Westwood
<peter.westwood at ftwr.co.uk> wrote:
>
> On 5 May 2010, at 10:53, John Blackbourn wrote:
>
>> SNIP
>
> The important thing is to have a good secure option that is easy to use.
>
> If the users are struggling with the current solution is it really the character set used or maybe it is more around the wording in the email or the process steps.
>
> SNIP
>
If I were to fix one thing in that process, it would be the messages.
For example, the first e-mail now is this:
Someone has asked to reset the password for the following site and username.
http://example.com
Username: admin
To reset your password visit the following address, otherwise just
ignore this email and nothing will happen.
http://example.com/wp-login.php?blah-blah-blah
I would start by changing the above to something like:
Someone requested a new password for the following site and username.
Site: http://example.com/
Username: admin
Once you visit the following address, WordPress will generate a new
random password and e-mail it to you:
http://example.com/wp-login.php?blah-blah-blah
If you ignore this email, nothing will happen.
Cheers,
Demetris
http://op111.net/
More information about the wp-hackers
mailing list