Naiba believes that wherever passwords are involved, there will always be cases of forgetting them. For example,
WordPress Password Forgotten_Three Methods to Recover Administrator PasswordThe plugin introduced in this article allows you to no longer need to remember a password; you just need WordPress to send you a login link via email to log into the website without a password.
Passwordless Login to WordPress
Plugin Introduction
The plugin that enables passwordless login for WordPress is called
Passwordless Login. It is a free
WordPress Plugin, and its workflow is as follows:
- When a user attempts to log into your website, we do not ask for a password, but only request their username or email.
- The plugin creates a temporary authorization token for them to log in, and the login link will expire after 10 minutes.
- Then, we send an email to the user containing the link and token.
- The user clicks the link and sends the authorization code to your server.
- Then, the plugin checks if the code is valid and creates a log in the WordPress cookie, thereby successfully authenticating the user.
Download LinkPlugin Usage Method
After downloading and installing Passwordless Login, you can invoke it using the shortcode [passwordless-login]. It can be inserted into posts or widgets. However, using Passwordless Login has a prerequisite: your server's email system must be functioning properly. Typically, most servers cannot send emails directly and require SMTP for sending. You can refer to this article:
Recommended WordPress SMTP Email Plugins I Have UsedAdditionally, this plugin cannot replace WordPress's default login functionality, meaning both login methods can coexist. However, you can consider hiding the WordPress admin login URL to enforce login via email link. Reference article:
Hide WordPress Admin Login Address to Enhance Security: WPS Hide LoginWhy Use Passwordless Login for WP
The main reason for using email link passwordless login for WordPress is to enhance website security, especially for sites with multiple authors or users. We know that most people use simple passwords or the same password across multiple websites. You might maintain password security yourself, but other users on your site may not proactively set a secure password for your site. By implementing the email passwordless login method described in this article, you can forcibly improve WordPress security. After using this Passwordless Login, if someone wants to steal a user's password to log into your site, they would need to:
- Guess the username or email
- Steal the target's email account (and must do so within ten minutes)
Which Websites Are Suitable for Passwordless Login
Passwordless login is not suitable for WordPress sites with a very large user base, as your emails are likely to be marked as spam or exceed sending limits, causing users to fail to receive emails and be unable to log into the site.
Passwordless login is suitable for use on corporate websites.Because the vast majority of corporate employees do not prioritize website security (since they are just employees), administrators can set a complex password when creating accounts for staff, then hide the real backend login URL, forcing the use of email link login. (After all, the email is their own, so security should still be considered.)
The plugin that enables passwordless login for WordPress is calledPasswordless Login. It is a freeWordPress Plugin, and its workflow is as follows:
Comments are closed
The comment function for this article is closed. If you have any questions, please feel free to contact us through other channels.