Opened 7 years ago
Closed 7 years ago
#2858 closed defect (bug) (invalid)
I just posted a question in a support forum, only to see my EMAIL ADDRESS as the 'USERNAME' & there is no option to delete my post either. - MAJOR SECURITY FLAW
Reported by: | Owned by: | ||
---|---|---|---|
Milestone: | Priority: | high | |
Component: | Support Forums | Keywords: | |
Cc: |
Description
I want my username changed or at least the post deleted.
For a company that is supposed to take privacy 'very seriously' this is a serious error.
The only solution I saw was in here https://wordpress.org/support/topic/wordpress-org-change-username/ which was only to create a new profile. That is NOT A SOLUTION. Besides it being ridiculously confusing having multiple wordpress accounts that are not the same or linked, This 'solution' is also confusing because when I tried to do that, that would not work either. I didn't see an option to delete my post. I tried logging out and registering with a new username, only to seemingly have it think its my email. I could not log in and tried to get a reset link sent to me and never got anything. EDIT: I finally got that reset email and it shows the request for the same username (my email address) so why the hell is the username in my account showing my full email instead of the shortened version?
I should at least be able to delete the post but there is no option for that.
The login prompts for username/email. It DOES NOT notify the user that this will be displayed publicly. In that case, it should only prompt for 'username' and not email AND it should express to the user that this name will be displayed. THIS IS A HUGE ISSUE and should not be taken lightly.
I want my username changed. Edit my post to only show my display name or my new username (of my choosing, and not my email address).
Please get back to me as quickly as possible as I just posted. It is not right having my email address on full display! I almost posted a review for the plugin and I'm glad I didn't - that's even more visibility.
Hi there,
WordPress does not view email addresses as sensitive information in the manner you are relating it to (chances are you already hand this out on a daily basis to numerous people), but you can easily change your own display name just like you would in your own WordPress install.
As for the prompt, this is only a login screen (as of WordPress 4.5 logging in using an email address is supported), and does not relate to what name is displayed anywhere.