I don’t believe there is anyway to migrate passwords from our current site due to encryption. I wouldn’t necessarily rule that out. While WP uses PHPass as its regular hash for passwords, it still supports MD5 which was the original hash. If a password is an MD5 hash, it will be updated to the new … Read more
You can use the wp_create_user function to create users without a defined email To log in without a password you can see this question
I’ve wrestled with this problem myself. The issue is that many RSS readers don’t support authentication, so even if you manage to protect your feed, the content won’t be readble for many clients. Using the WordPress Password plugin is probably the wrong way to go. Directly from the author’s site: I’ve pretty well ended support … Read more
The answer to this question was simply that the built-in password protection does not apply if you are using a custom template that doesn’t include the_loop(). Lesson learnt.
http://wordpress.org/extend/plugins/members/ Looks like a good option, I trust his plugins. There are a variety of other plugins available if you search for members, private, access, or a combination of those terms
This is the line you’re looking for: $userdata = get_user_by(‘login’, $username); The get_user_by function calls WP_User::get_data_by and that function eventually executes this SQL: SELECT * FROM $wpdb->users WHERE user_login = $username The hashed password will be contained in the results of that query. Eventually, the wp_check_password function will be called to compare the hashes.
Put this in your .htaccess file after your password protection on the entire site: <Files “page.php”> Allow from all Satisfy any
You can disable caching plugin by delete or rename the plugin folder. If it doesn’t work then you can try access the database via phpMyAdmin, then go to users table and click edit. Input a new password to password field and choose function as MD5 and save.
Actually I found what I need. Using the action lostpassword_post I can add errors before wordpress checks if the username or email is valid. It does not stop wordpress from checking if the username or email is empty, but still it will do the job. This is a simplified version of the code that checks … Read more
The problem is that WP will redirect to the referrer when the authentication succeeds. Fortunately, you can also supply _wp_http_referer and it will be preferred over the HTTP Referrer, so we need to add a hidden field to the form and fill it with the permalink of the post in question: echo str_replace(‘</form>’, ‘<input type=”hidden” … Read more