BuddyPress doesn’t affect user authentication or password resets. We leave that to WordPress.
WordPress’ lost password link can be found on the .com/wp-login.php
screen. You can copy that link into your theme/navigation menu, etc, if you want it elsewhere.
Well… I would prefer buddypress to inform user on wrong user id or password entered instead of redirect user to wordpress login. It will encourage for hacking. Do you have any ways to so that it doe not redirect to wordpress login but show wrong userid or password.
Thanks for your help.
The BuddyPress login widget is just a styled version of the WordPress login page. Hackers are still hitting the same database regardless of if they are finding your login widget — or more likely — blinding hitting your /wp-login.php page. wp-login isn’t being replaced here. If you are worried about brute force attacks, you should look into mechanisms created to protect WordPress (captchas, limit login attempts, etc.)
Replacing the WP login infrastructure with something else is a whole other matter, and something you would need to do on the WP side. As @djpaul mentioned, BP leaves that side of the site to the existing BP user management system.
Hi guys,
thanks for the reply, I think you have miss understand what i mean.
At the frontend buddypress user page, every time any user login(include admin) when entered a wrong password is keyed redirect to the wordpress page. I would like to know you have any advice to show wrong password or user name entered instead of redirect to wordpress page.
And at the frontend buddypress user page, there is no forget password link, what if the user lost his or her password (exclude admin), how can the user receive it password thru email.