Beginning in plugin version 3.3.0, the plugin began shifting to a new password reset that would email a password reset link to the user, allowing them to then set a new password. This became the default in version 3.4.0. In version 3.5.0, the old legacy password reset will be phased out altogether.
Fresh installs of version 3.4.x already incorporate the new password reset, so you do not need to do anything to a site that was a clean install of 3.4.0 or higher.
For versions upgrading from 3.3.9 or earlier, you will need to make a couple of changes to incorporate the new password reset.
- Check the “New Feature Settings” in the plugin’s main Options tab. The settings for Legacy Password Reset and Legacy Login Error MUST be UNCHECKED.
- Make sure there is a page set for “User Profile Page” and that this page has either the [wpmem_profile] shortcode (recommended) or the [wpmem_form password] shortcode. Note that if the [wpmem_form password] shortcode is used, the shortcode cannot be restricted by [wpmem_logged_in].
- Update the Password Reset Email content (see below).
To update the Password Reset Email content, note that the plugin no longer creates and emails a password, so you need to remove the password shortcode from that email (as it will be empty anyway). You are not required to include the password link shortcode ([reset_link]) as it will be included automatically at the end of the message. However, use [reset_link] if you want to place the reset link in a specific location in the message.
By way of example, the new default message that the plugin installs is the following:
A password reset was requested for [blogname].
Follow the link below to reset your password: [reset_link]
If you did not request a password reset for [blogname], simply ignore this message and the reset key will expire.