I’m using the WordPress’s built-in forgot password reset form and views.
I want to limit the number of reset password email attempts. By default WordPress allows you to send unlimited reset password emails and I want to set a limit. How can I do?
This feature is only available in the Wordfence security plugin. I don’t want to use Wordfence. I searched for other plugins but could not find them. I can actually write code. You can write a suggestion.
Answers:
Thank you for visiting the Q&A section on Magenaut. Please note that all the answers may not help you solve the issue immediately. So please treat them as advisements. If you found the post helpful (or not), leave a comment & I’ll get back to you as soon as possible.
Method 1
You need put the attempts on user meta, then do check every time user hit reset passwords.
add_action( 'password_reset', 'my_password_reset', 10, 2 );
function my_password_reset( $user, $new_pass ) {
$limit=5;// Set the limit here
$attempts=(int) get_user_meta($user->ID,"reset_attempts",true);
if($attempts>$limit){
//Do something in here, example redirect to warning page.
wp_redirect( "/warning" );
exit;
}
update_user_meta($user->ID,"reset_attempts",$attempts++);
}
All methods was sourced from stackoverflow.com or stackexchange.com, is licensed under cc by-sa 2.5, cc by-sa 3.0 and cc by-sa 4.0