Frequently asked questions
General Questions
What is Frontend Reset Password?
Frontend Reset Password is a WordPress plugin that allows users to reset their forgotten passwords through a custom frontend page instead of the default WordPress login page. This provides a more seamless, branded experience for membership sites, e-commerce platforms, and any WordPress site where users should not access the WordPress backend.
Do I need this plugin?
You need this plugin if:
- You want users to reset passwords without seeing
wp-login.php - You're building a membership site with custom branding
- You want to customize the password reset experience
- You need to enforce specific password requirements
- You want to match the reset flow to your site's design
You don't need this plugin if:
- The default WordPress password reset is sufficient
- You're comfortable with users seeing the WordPress login page
- You don't need customization options
Is this plugin free?
Yes, the core functionality is available for free. Check the plugin repository or WP Enhanced website for current licensing details.
Does it work with any WordPress theme?
Yes, the plugin works with any properly coded WordPress theme. It uses WordPress standards and provides template override capabilities for maximum compatibility.
What WordPress version is required?
The plugin requires WordPress 5.0 or higher. It's tested with the latest WordPress versions and follows WordPress coding standards.
Installation & Setup
How do I install the plugin?
- Go to Plugins > Add New in WordPress admin
- Search for "Frontend Reset Password"
- Click "Install Now"
- Click "Activate"
- Go to Settings > Frontend Reset Password to configure
See the Installation guide for detailed instructions.
How do I set up the password reset page?
- Create a new page (Pages > Add New)
- Add the shortcode:
[reset_password] - Publish the page
- Go to Settings > Frontend Reset Password
- Select this page in "Reset Password Page" dropdown
- Save changes
See the Quick start tutorial for step-by-step instructions.
What shortcode do I use?
Use [reset_password] exactly as shown. Common mistakes:
- ❌
[reset-password](wrong hyphen) - ❌
[password_reset](wrong order) - ❌
[Reset_Password](wrong capitalization) - ✅
[reset_password](correct)
Can I use the shortcode in multiple places?
Yes, you can place the [reset_password] shortcode on multiple pages, but you should designate one page as the primary reset page in plugin settings.
Do I need to configure anything else?
Basic setup only requires:
- Creating a page with the shortcode
- Selecting that page in settings
Optional configuration:
- Customize email content
- Set password requirements
- Customize form text
- Enable password visibility toggle
Functionality
How does the password reset process work?
The process has three stages:
- Request Stage: User enters email/username → receives email with reset link
- Reset Stage: User clicks link → enters new password → submits form
- Completion Stage: Password updated → confirmation message displayed
See Three-stage reset flow for details.
How long is the reset link valid?
Reset links expire after 24 hours by default. This is a WordPress core security feature. Users must request a new link if theirs expires.
To extend expiration time, see Invalid or expired key troubleshooting.
Can users reset passwords multiple times?
Yes, users can request password resets as many times as needed. Each request generates a new reset key and invalidates previous keys.
What happens to the old password?
When a user successfully resets their password, the old password is permanently replaced. The old password cannot be recovered.
Are users logged in automatically after reset?
No, users must log in with their new password after resetting. This is a security best practice.
Can I redirect users after password reset?
Yes, configure redirect pages in Settings > Frontend Reset Password > General Settings:
- "Success Redirect Page" - where to send users after successful reset
- "Login Page" - where users go to log in with new password
Customization
Can I customize the form appearance?
Yes, you have three customization options:
- CSS Styling: Add custom CSS to match your theme
- Template Overrides: Copy templates to your theme and modify HTML
- Settings: Change form text, button labels, messages
See Styling and CSS and Template overrides.
How do I change the email content?
Go to Settings > Frontend Reset Password > General Settings:
- Customize email subject
- Customize email body
- Use template variables:
{username},{reset_link},{email} - Change sender name and email
For advanced customization, use filter hooks. See Email customization.
Can I translate the plugin?
Yes, the plugin is translation-ready with text domain 'frontend-reset-password'. Use:
- Poedit
- Loco Translate plugin
- WPML
- Any WordPress translation tool
See Translations guide.
How do I override templates?
- Create directory:
your-theme/somfrp-templates/ - Copy template from plugin's
templates/directory - Modify the copied template
- Save changes
The plugin automatically uses your theme's version. See Template overrides.
Can I add custom fields to the forms?
Yes, use action hooks to inject custom content:
somfrp_before_form- before form HTMLsomfrp_after_form- after form HTMLsom_after_change_new_pass_input- after password input
See Actions and filters.
Security
What password requirements can I set?
Configure in Settings > Frontend Reset Password > Security Settings:
- Minimum password length (default: 8 characters)
- Require lowercase letter
- Require uppercase letter
- Require number
- Require special character
See Security settings.
Is the plugin secure?
Yes, the plugin follows WordPress security best practices:
- Nonce verification for all form submissions
- Password reset keys expire after 24 hours
- Server-side validation enforced
- Uses WordPress core password reset functions
- Sanitizes all user input
Can I make passwords more secure?
Yes, increase security by:
- Setting higher minimum length
- Requiring all character types
- Using HTTPS on your site
- Keeping WordPress and plugins updated
- Using strong email passwords
What if someone tries to brute force passwords?
The plugin uses WordPress's built-in reset key system, which:
- Generates unique, random keys
- Expires keys after 24 hours
- Invalidates keys after use
- Requires email access to receive link
Consider adding a security plugin for additional rate limiting.
Email Issues
Why aren't reset emails being sent?
Common causes:
- WordPress mail function issues
- Server email restrictions
- Emails going to spam
- Plugin conflicts
See Email not sending troubleshooting for solutions.
How do I fix email delivery?
Best solution: Install an SMTP plugin like WP Mail SMTP and configure it with a reliable email service (Gmail, SendGrid, Mailgun, Amazon SES).
See Email not sending troubleshooting.
Can I test email delivery?
Yes, use the "Check Email" plugin to send test emails and verify your WordPress email configuration works.
Why do emails go to spam?
Common reasons:
- Using
noreply@addresses - Missing SPF/DKIM records
- Poor sender reputation
- Spam trigger words in content
See Email not sending troubleshooting.
Troubleshooting
The form doesn't display on my page
Check these common issues:
- Plugin is activated
- Shortcode is correct:
[reset_password] - Page is published
- No JavaScript errors
- No theme conflicts
See Form not displaying troubleshooting.
Users see "Invalid or expired key" error
Common causes:
- Reset link is older than 24 hours
- Key was already used
- URL was modified
- Caching issues
Solution: Request a new reset link. See Invalid or expired key troubleshooting.
Password validation isn't working
Check:
- Security settings are configured
- JavaScript is loading
- No JavaScript errors in console
- No plugin conflicts
See Password validation issues troubleshooting.
How do I debug issues?
Enable WordPress debug mode:
define( 'WP_DEBUG', true );
define( 'WP_DEBUG_LOG', true );
define( 'WP_DEBUG_DISPLAY', false );
Check debug log at: wp-content/debug.log
Development
Can I extend the plugin functionality?
Yes, the plugin provides extensive hooks:
- 8 action hooks for custom functionality
- 5 filter hooks for modifying behavior
- 8 public functions for integration
- Template override system
See Developer reference.
What hooks are available?
Actions:
somfrp_before_form- Before form HTMLsomfrp_after_form- After form HTMLsomfrp_post_request- After POST receivedsomfrp_lost_pass_action- After lost password validationsomfrp_reset_pass_action- After reset password validation- And more...
Filters:
somfrp_retrieve_password_title- Email subjectsomfrp_retrieve_password_message- Email bodysomfrp_get_template- Template path- And more...
See Actions and filters.
Can I integrate with other plugins?
Yes, use hooks to integrate with:
- Membership plugins
- CRM systems
- Email marketing tools
- Analytics platforms
- Custom user management systems
See Developer reference.
How do I log password reset attempts?
Use the somfrp_lost_pass_action hook:
add_action( 'somfrp_lost_pass_action', 'log_password_reset_attempts' );
function log_password_reset_attempts( $user_data ) {
error_log( 'Password reset requested for: ' . $user_data->user_email );
}
See Actions and filters.
Compatibility
Does it work with WooCommerce?
Yes, the plugin works with WooCommerce. Users can reset their WooCommerce account passwords through the custom frontend page.
Does it work with membership plugins?
Yes, it works with most membership plugins including:
- MemberPress
- Restrict Content Pro
- Paid Memberships Pro
- Ultimate Member
Does it work with page builders?
Yes, it works with page builders like:
- Elementor
- Beaver Builder
- Divi Builder
- Gutenberg
Just add the [reset_password] shortcode to your page.
Does it work with caching plugins?
Yes, but you may need to exclude the reset password page from caching to ensure dynamic content works correctly.
Does it work with security plugins?
Yes, but some security plugins may interfere with email delivery or form submissions. If you experience issues, check for plugin conflicts.
Support
Where can I get help?
- Check this FAQ
- Review Troubleshooting guides
- Visit Resources and support
- Contact WP Enhanced support
How do I report a bug?
Contact WP Enhanced support with:
- WordPress version
- PHP version
- Plugin version
- Active theme
- Active plugins
- Error messages
- Steps to reproduce
Can I request features?
Yes, contact WP Enhanced support with your feature request. Include details about your use case and how the feature would help.
Is there a community forum?
Check Resources and support for community links including Facebook Group and Discord server.
What's next
- Troubleshooting - Solve common issues
- Resources and support - Get additional help
- Quick start tutorial - Complete setup guide