If you’re running a multi author WordPress website. Then you need to take care of every possible attacks on your WordPress website.
I know you’re doing a good job and making your own password as safe as possible. But what about your newly join author, If someone join your site as author then their password is stored in a simple plaintext in their email. And if someone else gets access to the email , it then it can be harmful for you and your site.
In this case you need to take proper action that every author must change their email sent password when they log in for the first time.
Security in WordPress is taken very seriously, but as with any other system there are potential security issues that may arise if some basic security precautions aren’t taken. This article will show you an easy way to change user password security to help keep your WordPress installation secure.
Many potential vulnerabilities can be avoided with good security habits. A strong passwords are an important aspect of this to make sure your site stays secure.
The goal with your password is to make it hard for other people to guess and hard for a brute force attack to succeed. There are many automatic password generators available that can be used to create secure passwords. However when you email someone a secure password it is in PLAIN TEXT. This should only be acceptable for them to login for the first time. Your users can be a liability so it is up to you to force new author to change password, and this plugin makes it easy.
How To force new author to change password:
It’s very easy to force new user to change their password when they login for the first time with a plugin called “Force New Password“. It force your new users to change their first password when they log in.
How To Install Force New Passworrd:
- Upload the plugin content to the “/wp-content/plugins/” directory
- Activate the plugin through the “Plugins” menu in WordPress
- No settings page