Authentication requests for user resets their password
thefrosty opened this issue · 1 comments
thefrosty commented
After some tests, and a lot of complaints from users I confirmed this to be a real issue.
When making a REST request (like from POSTMAN) with the application password, it instantly changes the users hashed password forcing them to be logged out (from the web /wp-admin
) and needing a reset password.
thefrosty commented
Okay, I've tracked down the issue. It only happens when using the roots/wp-password-bcrypt package.
I opened an issue there: roots/wp-password-bcrypt#22