WordPress: force users to change password on first login

5 Views

Users on my website sign up through a form (Gravity form) and after they are manually approved they are sent a username (their email address) and a randomly generated password.

I would like these users to be forced to change their password when they first login, is this achievable?

Read More

I took a look at the thread Can I force a password change? but that doesn’t resolve my issue.

Post Views: 5

Related posts

Leave a Reply

2 comments

  1. I’ve put together a quick plugin at https://github.com/lumpysimon/wp-force-password-change in response to your question and a recent client request for exactly the same thing.

    It adds a user meta field on registration, then checks for the presence of this when a user is logged in. If it’s not there, they are redirected to the edit profile page and an admin notice is displayed. After they change their password the user meta field is removed.

  2. WordPress has this already built in essentially. It’s not clear how you are processing the form, but when you register the user, just call: 

    update_user_option( $user_id, 'default_password_nag', true, true );

    Alternatively (if that’s not possible?) you can use a hook:

    add_action('user_register', 'wpse72788_password_nag');
function wpse72788_password_nag( $user_id ){
     update_user_option( $user_id, 'default_password_nag', true, true );
}