How to determine if a user has not changed default generated password

March 3, 20232 Views

I’m looking to advise a user that they should change their password from the default generated one that was emailed to them.

Is there a function or hook that will tell me if the user is running the default password?

Post Views: 2

2 comments

Anonymous says:

March 3, 2023 at 6:28 pm
The following will tell you if the user has updated the password generated by WP on registration for a user with ID $user_id:
```
if ( ! get_user_option('default_password_nag', $user_id) ) {
    //then the user has changed the default password
} else {
    //the default password has not been changed
}
```
If you want to send an email @goldenapples’ answer is good (replacing the logic in user_password_check for checking whether the password has been changed with my logic.)
Log in to Reply

The question is, how are you setting the default passwords?

That said, I think it would be perfectly reasonable to trigger a scheduled action in say, a weeks time from the date you create the user. It should be pretty simple, something like this would probably do the trick:

add_action( 'user_register', 'check_in_a_week' );

function check_in_a_week( $user_id ) {
    $user = get_user_by( 'id', $user_id );
    wp_schedule_single_event( 'user_password_check', 7*24*60*60, 
        array( 'user_id' => $user_id, 'user_pass' => $user->user_pass ) );
}

function user_password_check( $args ) {
    extract( $args );
    $user = get_user_by( 'id', $user_id );
    if ( $user->user_pass == $user_pass ) {

        // send them mail...
    }
}

(I didn’t test it yet, so I’m not sure if it will stand up to real use. Treat it as pseudo-code for what you’re trying to do.)

Leave a Reply Cancel reply

2 comments

Social Network

Related posts

Leave a Reply Cancel reply

2 comments

Social Network