You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
This problem came up a little bit ago and I didn't have time to write it up, so it is not as pressing as it was... but it could come up again... So a few months ago for security reasons we revoked a large number of WordPress.com passwords, requiring the users to reset their password before they would be able to access their site or account.
With users who did not see our email about needing to reset their password, if they were logged into the app before the password reset, they would still be able to explore the WordPress app, but if they tried to do anything that would require authentication, like posting or uploading images, they would see a generic error, with no indication that the problem was their password having been invalidated. This created a lot of confusion amongst users who seemingly were connected to the app, but were suddenly unable to interact with their site. A similar problem would occur if a user goes to their account in a web browser, resets their password, and then doesn't re log back into the app.
Would it be possible to detect that the passwords had been revoked or changed? If so, can we display to the users a more detailed error then the generic error that is appearing currently?
The text was updated successfully, but these errors were encountered:
This problem came up a little bit ago and I didn't have time to write it up, so it is not as pressing as it was... but it could come up again... So a few months ago for security reasons we revoked a large number of WordPress.com passwords, requiring the users to reset their password before they would be able to access their site or account.
With users who did not see our email about needing to reset their password, if they were logged into the app before the password reset, they would still be able to explore the WordPress app, but if they tried to do anything that would require authentication, like posting or uploading images, they would see a generic error, with no indication that the problem was their password having been invalidated. This created a lot of confusion amongst users who seemingly were connected to the app, but were suddenly unable to interact with their site. A similar problem would occur if a user goes to their account in a web browser, resets their password, and then doesn't re log back into the app.
Would it be possible to detect that the passwords had been revoked or changed? If so, can we display to the users a more detailed error then the generic error that is appearing currently?
The text was updated successfully, but these errors were encountered: