Members losing their password or needing to reset a password for any reason can be common for membership sites. With so many members logging in, some members are bound to forget their password from time to time. It happens to all of us at some point so a smooth password reset process is always ideal. But, what if the WordPress Lost Password link stops working correctly?
WishList Member and WordPress use the same functionality to handle lost or forgotten passwords. Lets get into how to assess and resolve a lost password link that doesn’t seem to cooperate.
WordPress Default Lost Password Feature
The default Lost Password page is powered by WordPress and it adds the following to the WordPress login page URL of the site:
So that lost password functionality is handled by WordPress.
For example, the “Lost your password” link on https://wlmtest.com/wp-login.php would direct to the following URL:
The /wp-login.php?action=lostpassword portion of the URL is based on the WordPress functionality for resetting a lost/forgotten password.
If you are seeing another URL for the lost password page, it is likely that another plugin is altering that functionality. We recommend checking to see if you have any login plugins or plugins that could effect login installed on your site.
You can hover a mouse over the Lost your password link on the /wp-login.php page to see where the link directs.
Note: You have the option to customize the look of the default WordPress Login page so that it better matches your site. This can be done using the WordPress Login Page Styling option in WishList Member.
Potential Reason and Solution
One potential reason for this issue can sometimes be related to running WooCommerce on the site and its setting for lost password. This is related to how WooCommerce can take over the page for the Lost Password.
In the example screenshot below, the page is on top of the WooCommerce “my account” page which might be set as protected on the site. (The page might be named something else depending on the site).
Please Note: my-account and lost-password are defaults set by WooCommerce but they can be changed in the WooCommerce settings.
Example Screenshot: (in this example, “my-account” and “lost” are used)
A possible solution is to either:
- Unprotect the my-account page.
- Do not let WooCommerce handle the lost password page.
One thing to keep in mind is /lost (or lost-password or whatever it might be renamed) is not an actual page so it cannot be unprotected by WishList Member. It is a “virtual page” created by WooCommerce.
If the “Lost your password” URL ends in lost-password (or something similar) it is likely powered by WooCommerce.
So if you are running WooCommerce, you can check if that is the case and instead use the WordPress default Lost Password functionality.
You can do that in the WooCommerce > Settings > Advanced > Account endpoints section.
You can scroll to the bottom of the WooCommerce > Settings > Advanced > Account endpoints section and remove “lost-password” (or whatever is shown) from the Lost password field and click the Save changes button. This will allow WordPress to handle the last password functionality for members on your site.
You can now assess and resolve what might be causing the Lost Password page to not function as expected.