By default, WordPress automatically sends an email to WordPress admins when any other user resets their password using the lost password link. This feature can be helpful for monitoring account activity and potential security issues.
But if you run a multi-author blog like ours, we’d imagine how annoying it can be to receive these notifications constantly, especially if your site has lots of users. These emails can quickly clutter your inbox, making it harder to focus on more important notifications.
In this article, we will show you how to disable the lost/changed password admin notifications in WordPress.
Why Disable the Lost/Changed Password Emails in WordPress?
By default, WordPress makes it easy for users to reset their passwords. They can simply head over to the WordPress login screen and click on the ‘Lost your password?’ link.
Every time a user resets their password, WordPress will send your site admin an email.
These messages can help you spot suspicious activity, including hackers who may break into a user’s account by changing their password.
However, these lost/changed password emails can become annoying if you are a site admin and allow user registration on your WordPress website.
With that being said, let’s take a look at how to disable the lost/changed password emails in WordPress. Simply use the quick links below to jump straight to the method you want to use:
Method 1: Disable Lost/Changed Password Emails in WordPress (No Code Method)
This method is recommended for all beginners since it doesn’t require you to touch any code.
The easiest way to disable the lost/changed password emails in WordPress is by using the WP Mail SMTP Pro plugin.
WP Mail SMTP is the best WordPress SMTP plugin on the market. Over 3 million website owners use WP Mail SMTP to improve their email deliverability and fix the WordPress not sending email issue.
WP Mail SMTP also lets you control which WordPress emails get sent out, so you can selectively disable the ones that you want. These include automatic update email notifications and the ‘Password Changed’ email.
Note: There is also a free WP Mail SMTP plugin that reconfigures WordPress to use a proper SMTP provider when sending emails. However, this free plugin doesn’t let you disable the ‘Password Reset’ email, so we will be using the premium plugin in this guide.
After buying the WP Mail SMTP plugin, simply click on the ‘Downloads’ tab in your WP Mail SMTP account.
You can then click on the ‘Download WP Mail SMTP’ button to download the plugin to your computer as a ZIP file.
Next, simply scroll to the ‘License key’ section. You’ll need this key to activate your plugin, so it’s a good idea to keep this page open.
Once you’ve done that, you’ll need to upload the ZIP file to your WordPress website and activate the WP Mail SMTP plugin. For more details, please see our guide on how to install a WordPress plugin.
Upon activation, go to WP Mail SMTP » Settings.
You can now either type or copy/paste your WP Mail SMTP license key into the ‘License Key’ field. Once you’ve done that, just click on the ‘Verify Key’ button.
After verifying your license key, head over to WP Mail SMTP » Settings.
You can then go ahead and click on the ‘Email Controls’ tab.
On this page, you’ll see all the emails that WordPress sends automatically.
To disable the lost/changed password email, just scroll to the ‘Change of User Email or Password’ section.
Next, find the ‘Password Reset Successfully’ slider and give it a click. This will turn the slider from ‘On’ to ‘Off.’
Now, you won’t get an email every time a user changes their password.
Method 2: Disable Lost/Changed Password Emails in WordPress (Code Method)
If you don’t want to set up an SMTP plugin, then you can disable password reset emails by adding code to your WordPress blog or website.
That’s where WPCode comes in.
This free plugin makes it easy to add custom CSS, PHP, HTML, and more to WordPress without putting your site at risk. You can simply paste the plugin’s code into WPCode’s editor and then activate and deactivate the code with the click of a button.
To start, you’ll need to install and activate WPCode. For more information, see our step-by-step guide on how to install a WordPress plugin.
After that, go to Code Snippets » Add Snippet in the WordPress dashboard.
Here, you’ll see all the pre-made snippets you can add to your site. These include a snippet that changes the ‘Howdy Admin’ text, disable automatic trash emptying, deactivate the WordPress admin bar, and more.
In this case, the code we want to use is not in the list of pre-made snippets. What you need to do is hover your mouse over ‘Add Your Custom Code (New Snippet)’ and then select ‘+ Add Custom Snippet’ when it appears.
To start, type in a title for the custom snippet. This could be anything that helps you identify the code in your WordPress dashboard.
Next, open the ‘Code Type’ dropdown menu and choose ‘PHP.’
After that, simply paste the following snippet into the code editor:
remove_action( 'after_password_reset', 'wp_password_change_notification' );
Below the code box, you’ll see some insertion options. There are two main options: Auto Insert and Shortcode (Default).
If it isn’t already selected, then click on ‘Auto Insert,’ WPCode will then automatically insert and execute the code across your entire online store, website, or blog.
With that done, you may want to add tags to the code snippet.
This can help organize your code snippets by topic and functionality.
When you are ready to publish the PHP snippet, scroll to the top of the screen and click on the ‘Inactive’ toggle so it changes to ‘Active.’
Finally, click on ‘Save Snippet’ to make the snippet live.
WordPress will now stop sending password reset notifications to your admin’s email address.
Expert Tips to Manage Your WordPress Admin
Want to learn more ways to improve your WordPress experience? Check out these guides below:
- How to Disable WordPress Admin Email Verification Notice
- How to Restrict WordPress Admin Access by IP Address
- How to Hide Unnecessary Menu Items From WordPress Admin
- How to Add Custom Dashboard Widgets in WordPress
- How to Remove the Powered by WordPress Footer Links
- The Right Way to Remove WordPress Version Number
- How to Add a Notification Center in WordPress Admin
We hope this article helped you learn how to disable the lost/changed password emails in WordPress. You may also want to check out our expert picks of the best WordPress admin dashboard plugins and our guide on how to outsource WordPress development.
If you liked this article, then please subscribe to our YouTube Channel for WordPress video tutorials. You can also find us on Twitter and Facebook.
Jiří Vaněk
WP Mail SMTP is a great plugin, but unfortunately, I’m only using the free version. I’ve now deployed the MemberPress plugin on my website and want to launch the membership section. The snippet is great because it’s quick and easy. Additionally, it works in WP Code lite, which I’m currently using. Thank you for offering such functional instructions that are available at no cost. That’s what I appreciate about this website.
Deivid
Tried adding this via a code snippet, as explained is possible in the article. But still getting notification emails?
WPBeginner Support
Depending on the code snippet plugin, ensure the specific snippet is enabled as the most common reason the snippet would not be working.
Admin
Ali Jooyafar
Thank You So much because of your useful tutorial.
a WP User From Iran. <3
WPBeginner Support
Glad our guide was helpful
Admin
David
Hello Good day wpbeginners, I tried using code snippet plugin, then placing the codes but I get an error saying
“The snippet has been deactivated due to an error on line 3: Cannot redeclare function wp_password_change_notification”.
Please I need a solution to this. Thanks
WPBeginner Support
For the method in this article, you would need to add it as a custom plugin and not using an additional plugin for it to work.
Admin
Marc
Thank you so much, so many emails and thus energy wasted nowadays, that could be saved with 3 lines of code.. thank you!!
WPBeginner Support
Glad our guide was helpful, while not the solution for every site we’re glad this could be something useful to you
Admin
Christopher Simmons
Thanks for this, was resetting some of my author passwords simply for security, and they started complaining why they were getting emails about it when they no longer write for my publication — doh. This would have helped there, and now it’s in place in our “extension plugin” we put all our hacks into.
THANK YOU!
ronald
Thanks for this code it helps me and my admin.
Marie Jac
Hi!
I am trying to remove the notification sent to the user himself when reset his password (because an email is already sent by another customer plugin). The code above seems to only remove notification to admin. Is there another code I can use?
Thank you!!
Guido
There is an hook for that.
Simply add this line of code
remove_action( 'after_password_reset', 'wp_password_change_notification' );Fábio Tojal
Hi there,
I am having problem! When I click on Reset Password nothing Happens! It stays in the same page!
Do you know what is happenig ?
Thanks!
Steve Barman
The plugin generated 4 characters of unexpected output during activation. If you notice “headers already sent” messages, problems with syndication feeds or other issues, try deactivating or removing this plugin. – I hope this isn’t anything to worry about
WPBeginner Support
If you continue to see this message, then please inform the plugin author.
Admin
John Dough
Another option is to filter all emails from change password to the trash. In GMail you can setup a filter by opening the email and then somewhere along the top is a list of options. One is filter messages like these. Follow the onscreen instructions and send them to the trash.
Bajza Ferenc
Hi,
I found better solution for solve this problem without plugin.
Backup your wp-includes/pluggable.php
Edit wp-includes/pluggable.php file
Find wp_password_change_notification part
Delete these lines from file:
if ( !function_exists(‘wp_password_change_notification’) ) :
/**
* Notify the blog admin of a user changing password, normally via email.
*
* @since 2.7.0
*
* @param object $user User Object
*/
function wp_password_change_notification(&$user) {
// send a copy of password change notification to the admin
// but check to see if it’s the admin whose password we’re changing, and skip this
if ( 0 !== strcasecmp( $user->user_email, get_option( ‘admin_email’ ) ) ) {
$message = sprintf(__(‘Password Lost and Changed for user: %s’), $user->user_login) . “\r\n”;
// The blogname option is escaped with esc_html on the way into the database in sanitize_option
// we want to reverse this for the plain text arena of emails.
$blogname = wp_specialchars_decode(get_option(‘blogname’), ENT_QUOTES);
wp_mail(get_option(‘admin_email’), sprintf(__(‘[%s] Password Lost/Changed’), $blogname), $message);
}
}
endif;
Save.
Enjoy.
WPBeginner Support
We strongly advise our users, to NEVER edit core WordPress files.
Admin
Alvaro
NEVER, NEVER, NEVER edit WordPress core files.
Any change should be done through a plugin or a child theme.
Pam Blizzard
Exactly what I wanted to know – and I thought putting a snippet in functions.php was the best way to go, but I’m so glad you mentioned that it wouldn’t work. THANK YOU!