Question2Answer Q&A - Recent questions tagged forgot-password

Where is 'forgot' page?!

Thu, 08 Jun 2023 12:45:35 +0000

Hello

When I click on the forgot password link I get an "HTTP ERROR 500" error!
Can you guide me?

Brute force protection on reset password

Wed, 17 Aug 2022 08:42:59 +0000

Hi

Our security teams noticed it is possible to takeover an account by brute forcing reset password functionality.

Technically it is possible to do any number of requests (with code) on reset password page.

Are there any plugins or maybe I simply do not know how to configure system properly?

Thanks!

ERROR: Could not send reset password email

Sun, 04 Jul 2021 15:32:36 +0000

I've tested it on several q2a versions and the error continues. It started after I migrated my website with the database to a new server, this error happens when I activate the option to send emails via smtp

Question2Answer fatal error: Could not send reset password email Stack trace: require() in index.php:27 require() in qa-index.php:183 qa_get_request_content() in qa-page.php:827 qa_call_override() in qa-page.php:194 qa_call() in qa-base.php:671 qa_get_request_content_override_3_in_qa_sig_overrides_php() in qa-base.php:619 qa_get_request_content_override_2_in_qa_cv_overrides_php() in qa-base.php(595) : eval()'d code:11 qa_get_request_content_override_1_in_qa_poll_overrides_php() in qa-base.php(595) : eval()'d code:9 qa_get_request_content_base() in qa-base.php(595) : eval()'d code:12 qa_call() in qa-base.php(669) : eval()'d code:1 qa_get_request_content() in qa-base.php:619 require() in qa-page.php:203 qa_start_reset_user() in forgot.php:71

admin password reset very very very hard?

Wed, 22 Jul 2020 16:49:25 +0000

I didnt it, ı do wordpress reset password but q2a didnt.

Why is it so hard?

I tried these, it didn't.

https://www.question2answer.org/qa/38408/how-use-forgott-password-admin-account-when-email-hasnt-been

How to change user password by admin ?

Sat, 19 Jan 2019 05:39:22 +0000

Here no option, admin can able to change user password.

how to reset admin password from backend

Mon, 10 Dec 2018 19:54:49 +0000

Hi,

I have a question2answer site but I forgot my admin password. When i use the forgot password link to send an email to reset password, i get bellow error. Is there any other way to know/reset admin password.

Question2Answer fatal error:

Could not send reset password email

Stack trace:

require() in index.php:27
require() in qa-index.php:183
qa_get_request_content() in qa-page.php:827
require() in qa-page.php:203
qa_start_reset_user() in forgot.php:71

Password reset / message sending error

Wed, 14 Feb 2018 01:28:41 +0000

Hello

After pressing button "Send Reset Password Email" a blank page appears. There's no email sent, no information, only white blank page. The problem started after upgrading Q2A from 1.7.5 to 1.8.0.

An option to send emails via SMTP is disabled.

What's wrong? Thanks in advance.

EDIT: I found another error. Blank page appears after sending private message. Finally message is send, but the user (receiver) doesn't receive an email about that. In this situation I decided to temporary downgrade version of Q2A back to 1.7.5 (until we find out what's wrong with 1.8.0) and now problems mentioned above doesn't appear.

Fatal Error to reset forgotten password

Fri, 19 May 2017 14:03:53 +0000

Hello, there is in my QA option restore forgetten password after press "Send reset password email".

After press button QA show me next error:

Could not send reset password email

Stack trace:

require() in index.php:27
require() in qa-index.php:183
qa_get_request_content() in qa-page.php:824
require() in qa-page.php:203
qa_start_reset_user() in forgot.php:71

Whats wrong there??

Thanks!!

Email reset password code not changed over time

Sat, 08 Oct 2016 09:57:50 +0000

Hi There,

When password reset email is being sent, a code is sent to the user mail box. This code changes if the user asks Q2A to send reset email again.

I know this change has security reasons, but I recommend to lower the security standards over here as the risk is acceptable. Users usually get confused in this process and can't complete the process. Loosing users in this way pose a higher risk to Q2A websites.

Is there anyway that users can get same codes over time?

Thanks

Can we improve the forgot password procedure?

Thu, 23 Jun 2016 09:05:46 +0000

Just had two different users (about 50+ years old) who were not able to create new passwords for their accounts.

I tried it myself to understand at which 'position' their problem was.

1. /forgot works fine at first: Enter email + Anti-spam and click "Send Reset PW Email"

2. Email contains a link and the code (first confusing for user: "Should I take the link or the code?"

3. Clicks link (e.g. reset?c=eaczs74j&e=mail%40me.com): User sees page with prefilled email and prefilled code

4. There on the page, user clicks "Create new password"

5. Gets message frontend about a new mail --> And I think here is the problem, one of the users told me "Why have I got a second email?!"

Suggestion:

A - Can't we show the new password frontend? OR:

B - With the generated code link, we could already present a field to "set your new password"

How to reset any users password?

Mon, 04 Jan 2016 11:29:59 +0000

I have one q2a site and I want to reset a users password which I think is a fake user. How can I reset his password while logging in from admin panel, Any help?

Make Q2A site private except for login and forgot page

Sun, 28 Jun 2015 10:58:41 +0000

I'm using the code shown below in qa-app-users.php ( the $qa_logged_in_userid_checked=true; function)

..which makes the site private.. but this means users can't get to the forgot password page when they are not logged in..

how do i create an exception to the redirect for www.someQ2Asite.com/forgot ... ?

thanks much !

if (

(empty($_SESSION['qa_session_userid_'.$suffix]))

&& ($_REQUEST["qa-rewrite"]!="login")

&& ($_REQUEST["qa-rewrite"]!="register")){

qa_redirect_raw('login');

}

How do I disable the forgot password link?

Thu, 09 Apr 2015 18:27:42 +0000

Right now, I use the QA LDAP Plugin to manage user access (vs. using the built in user database).

As a result, passwords are not managed by Q2A itself.

For this reason, I'd like to disable the forgot my password link, or instead perhaps change it to say something like "User accounts are controlled externally. Please use blah blah LDAP to change your password."

How do I do this?

(I haven't yet seen what happens when I try to reset my password with the plugin installed, but I am not trying to screw up the app).

fatal error: Could not send reset password email

Sun, 19 Oct 2014 12:07:10 +0000

Hello Friends

When i use forgot password method I found a fatal error message. And also when anyone can register in my site then the verification mail are not sent to the email address given by user.

I check my MAIL tab in the admin panel it was ok.

Question2Answer fatal error:

Could not send reset password email

Stack trace:

require() in index.php:31
require() in qa-index.php:175
qa_get_request_content() in qa-page.php:789
qa_call_override() in qa-page.php:198
qa_call() in qa-base.php:579
qa_get_request_content_override_2_in_qa_poll_overrides_php() in qa-base.php:532
qa_get_request_content_override_1_in_qa_cv_overrides_php() in qa-base.php(510) : eval()'d code:12
qa_get_request_content_base() in qa-base.php(510) : eval()'d code:9
qa_call() in qa-base.php(577) : eval()'d code:1
qa_get_request_content() in qa-base.php:532
require() in qa-page.php:207
qa_start_reset_user() in qa-page-forgot.php:75

Is it possible to change someting in script and solve this problem.

How to use 'forgott password' for an admin account when email hasn't been set up?

Tue, 16 Sep 2014 02:48:57 +0000

I've just set up Q2A site and forget my admin password.

Users has added many questions to the site so I can hardly reinstall.

So I need to reset password for admin though I haven't configure emailing in admin control panel.

Using 'forget password' brings me the error page saying `cannot send email`.

So, what can I do now to get back to admin page of my Q2A page?

How to change a user password from the database?

Wed, 25 Dec 2013 01:45:37 +0000

Basically, I forgot the admin's user password so I'm not able to log in to reset it. Additionally, I'm not able to reset it via the forgot password feature as I'm still setting up the site and the mailing system is not working.

How can I reset a user's password directly from the database?

Just Bought Q2A Website from Someone Need Help Logging In

Tue, 08 Oct 2013 16:23:49 +0000

So I just bought a question2answer based website from someone, domain name, content, etc. I have uploaded the files and the databases to my host. The site is live and running but I am having trouble figuring out how to log into the Admin panel without the password (seller has gone AWOL). I tried setting up the old email account he was using, on my host - same name and all - but it will not send the password to that address.

Any ideas on how to get things going? I was looking around in PhpMyAdmin for the user password but it looks a bit more complicated than just changing a simple username in Wordpress or the like. It is all encrypted. Is this the right place to change the password or should I be looking elsewhere?

Thanks!

Successfully ported all questions/answers/users from OSQA - now my 'forgot password' is broken

Sun, 02 Jun 2013 01:17:10 +0000

Hi all,

I've been successful in porting my data over to http://merspi.com.au from my OSQA backup.

However now I'm testing the site and I've noticed that the 'forgot password' functionality is broken for users that have been inserted into the database.

Why would this be? Have I possibly inserted them into the database incorrectly? Is it something to do with the password hashes? What fields are required in the DB to allow for successful password resets?

Hmmmm.

Thanks in advance!

qa_complete_reset_user

Wed, 16 Jan 2013 23:32:15 +0000

When the "forgot password" feature is used, the system correctly sends out an email asking the user if they intend to reset their password (with verfication code, etc).

However, once the code is entered, the system never sends the follow up email with the new password.

The problem seems to be in qa_complete_reset_user

Any suggestions?

Create Database including User Management BUTTON NOT WORKING

Mon, 15 Aug 2011 04:05:18 +0000

I have configured the file for database and created database also but stil when I click onver: Create Database including User Management Button. It doesn't work and only reloads the page but doesn't go further.