How to Remove the Auto-Fill Password on the Reset Password Page

Introduction

By default, WordPress automatically fills in a strong password when users access the password reset page. If you prefer the password field to be empty so users can manually enter their password, you can achieve this with a custom function. This guide explains how you can remove the auto-fill password on the reset password page.

Custom Workaround

1. Go to Appearance > Theme Editor in your WordPress admin dashboard.
   
2. Under Select theme to edit, choose your active theme (preferably a BuddyBoss Child Theme), then click Select.
   
3. From the Theme Files list, click Theme Functions (functions.php).
   
4. Paste the following code just before the closing PHP tag (?>):
   

add_filter( 'random_password', 'custom_disable_random_password', 999, 2 );
function custom_disable_random_password( $password ) {
    $action = isset( $_GET['action'] ) ? $_GET['action'] : '';
    if ( 'rp' == $action || 'resetpass' == $action ) {
        return '';
    }
    return $password;
}

5. Click Update File to save your changes.
   

Note: Modifications are typically considered custom work, but we are making an exception in this case. Please review the BuddyBoss Support Policy.

Troubleshooting and FAQs

Q: The password field still shows a generated password.
A: Ensure the code is added to the active theme’s functions.php file and that no other plugin or custom code is overriding the password reset behavior.

Q: Does this affect new user registrations?
A: No. This only affects the password reset page, not new user registration.

Q: Will leaving the password field empty reduce security?
A: No. WordPress will still enforce password strength rules when users submit a new password.

Q: Can I revert this change?
A: Yes. Simply remove the code from functions.php and save the file.

Q: Who can I contact for additional help?
A: Please review the BuddyBoss Support Policy or consult a qualified developer.