Tuesday, August 11, 2009

WordPress 2.8.3 Remote admin reset password

The way Wordpress handle a password reset looks like this: You submit your email adress or username via this form /wp-login.php?action=lostpassword ;
Wordpress send you a reset confirmation like that via email:

Someone has asked to reset the password for the following site and username. http://DOMAIN_NAME.TLD/wordpress
Username: admin
To reset your password visit the following address, otherwise just ignore this email and nothing will happen

http://DOMAIN_NAME.TLD/wordpress/wp-login.php?action=rp&key=o7naCKN3OoeU2KJMMsag "

You click on the link, and then Wordpress reset your admin password, and sends you over another email with your new credentials.

Let's see how it works: