RM Blackpoint

And now it’s been another few days and the password the system gave me last time I asked to reset doesn’t work. Is it possible that there’s some setting that’s making it change every few days, leaving it with an “admin” account that’s on my email address but a different password?

The password reset email still comes to me, so it’s not like someone else is getting that email. I’m very puzzled.

I’d already installed WordFence, which is supposed to be a very good security plugin, and also restricted the IP addresses which can access the login page. Hopefully that will help the security problem, but as I said, one of the options you can select in WordPress is to disallow the registration of an “admin” username and to block IPs that try to sign in as whatever names you choose if those users don’t exist (so I blocked “admin”). No user called “admin” existed – there was my account with admin privileges and a different name. I successfully logged in with my account a few days ago. Today I once again find that my account is gone and has been replaced by “admin”, still on my e-mail address.

(Can’t look at the codex now – 504 – but will check later.)