Do you want to learn how to disable the lost/changed password email in WordPress?
By default, WordPress automatically sends an email to WordPress admins when any other user resets their password using the lost password link. These emails can quickly become annoying if your site has a lot of users.
In this article, we will show you how to disable the lost/changed password emails in WordPress.
Why Disable the Lost/Changed Password Emails in WordPress?
By default WordPress makes it easy for users to reset their password. They can simply head over to the WordPress login screen and click on the ‘Lost your password?’ link.
Every time a user resets their password, WordPress will send your site admin an email.
These emails can help you spot suspicious activity including hackers who may break into a user’s account by changing their password.
However these lost/changed password emails can become annoying if you allow user registration on our WordPress website. This is especially true if you run a membership site or a WooCommerce store that has lots of registered customers.
With that being said, let’s take a look at how disable the lost/changed password emails in WordPress. Simply use the quick links below to jump straight to the method you want to use.
- Method 1. Disable Change Password Emails in WordPress (No Code Method)
- Method 2. Disable Change Password Emails in WordPress (Code Method)
Method 1: Disable Change Password Emails in WordPress (No Code Method)
This method is recommended for all beginners since it doesn’t require you to touch any code.
The easiest way to disable the lost/changed password emails in WordPress is by using the WP Mail SMTP Pro plugin.
WP Mail SMTP is the best WordPress SMTP plugin on the market. Over 2 million website owners use WP Mail SMTP to improve their email deliverability and fix the WordPress not sending email issue.
WP Mail SMTP also lets you control which WordPress emails get sent out, so you can selective disable the ones that you want. This includes automatic update email notifications and the ‘Password Changed’ email.
There is also a free WP Mail SMTP plugin that many WordPress website owners use to make sure their emails bypass the spam folder. However, this free plugin doesn’t let you disable the ‘Password Reset’ email.
After buying the WP Mail SMTP plugin, simply click on the ‘Downloads’ tab in your WP Mail SMTP account.
You can then click on the ‘Download WP Mail SMTP’ button to download the plugin to your computer as a ZIP file.
Next, simply scroll to the ‘License key’ section. You’ll need this key to activate your plugin, so it’s a good idea to keep this page open.
Once you’ve done that, you’ll need to upload the ZIP file to your WordPress website and activate the WP Mail SMTP plugin. For more details, please see our guide on how to install a WordPress plugin.
Upon activation, go to WP Mail SMTP » Settings.
You can now either type or copy/paste your WP Mail SMTP license key into the ‘License Key’ field. Once you’ve done that, just click on the ‘Verify Key’ button.
After verifying your license key, head over to WP Mail SMTP » Settings.
You can then go ahead and click on the ‘Email Controls’ tab.
On this page, you’ll see all the emails that WordPress sends automatically.
To disable the lost/changed password email, just scroll to the ‘Change of User Email or Password’ section.
Next, find the ‘Password Reset Successfully’ slider and give it a click. This will turn the slider from ‘On’ to ‘Off.’
Now, you won’t get an email every time a user changes their password.
Method 2. Disable Change Password Emails in WordPress (Code Method)
With this method, you can add a code snippet to your WordPress blog or website without having to rely on your theme. This means that you can switch to a new theme at any point without losing all of your custom code.
That being said, this method is a bit more complicated and isn’t recommended for beginners.
All you need to do is add the following code in a site-specific plugin or in the code snippets plugin:
if ( !function_exists( 'wp_password_change_notification' ) ) {
function wp_password_change_notification() {}
}
That’s all, WordPress will now stop sending you email notifications whenever one of your users changes their password.
Let us explain the code to you.
WordPress has a ‘wp_password_change_notification’ function which is saved in its /wp-includes/pluggable.php file. Every time a user resets their password this function sends an email to your WordPress admin.
The code above overrides this built-in function. Instead of sending an email, it tells WordPress to do nothing.
You might be wondering: why can’t I just paste this code into my theme’s functions.php file?
The answer is simple: because it won’t work.
WordPress loads the pluggable.php file before it loads your theme’s functions.php file.
By the time WordPress runs the functions.php code, the ‘wp_password_change_notification’ function has already sent its password reset emails.
To learn more, please see our guide to pasting snippets from the web into WordPress.
We hope this article helped you learn how to disable the lost/changed password emails in WordPress. You may also want to check out our ultimate WordPress security guide, or see our guide on how to disable new user registration email in WordPress.
If you liked this article, then please subscribe to our YouTube Channel for WordPress video tutorials. You can also find us on Twitter and Facebook.
Ali Jooyafar says
Thank You So much because of your useful tutorial.
a WP User From Iran. <3
WPBeginner Support says
Glad our guide was helpful
Admin
David says
Hello Good day wpbeginners, I tried using code snippet plugin, then placing the codes but I get an error saying
“The snippet has been deactivated due to an error on line 3: Cannot redeclare function wp_password_change_notification”.
Please I need a solution to this. Thanks
WPBeginner Support says
For the method in this article, you would need to add it as a custom plugin and not using an additional plugin for it to work.
Admin
Marc says
Thank you so much, so many emails and thus energy wasted nowadays, that could be saved with 3 lines of code.. thank you!!
WPBeginner Support says
Glad our guide was helpful, while not the solution for every site we’re glad this could be something useful to you
Admin
Christopher Simmons says
Thanks for this, was resetting some of my author passwords simply for security, and they started complaining why they were getting emails about it when they no longer write for my publication — doh. This would have helped there, and now it’s in place in our “extension plugin” we put all our hacks into.
THANK YOU!
ronald says
Thanks for this code it helps me and my admin.
Marie Jac says
Hi!
I am trying to remove the notification sent to the user himself when reset his password (because an email is already sent by another customer plugin). The code above seems to only remove notification to admin. Is there another code I can use?
Thank you!!
Guido says
There is an hook for that.
Simply add this line of code
remove_action( 'after_password_reset', 'wp_password_change_notification' );Fábio Tojal says
Hi there,
I am having problem! When I click on Reset Password nothing Happens! It stays in the same page!
Do you know what is happenig ?
Thanks!
Steve Barman says
The plugin generated 4 characters of unexpected output during activation. If you notice “headers already sent” messages, problems with syndication feeds or other issues, try deactivating or removing this plugin. – I hope this isn’t anything to worry about
WPBeginner Support says
If you continue to see this message, then please inform the plugin author.
Admin
John Dough says
Another option is to filter all emails from change password to the trash. In GMail you can setup a filter by opening the email and then somewhere along the top is a list of options. One is filter messages like these. Follow the onscreen instructions and send them to the trash.
Bajza Ferenc says
Hi,
I found better solution for solve this problem without plugin.
Backup your wp-includes/pluggable.php
Edit wp-includes/pluggable.php file
Find wp_password_change_notification part
Delete these lines from file:
if ( !function_exists(‘wp_password_change_notification’) ) :
/**
* Notify the blog admin of a user changing password, normally via email.
*
* @since 2.7.0
*
* @param object $user User Object
*/
function wp_password_change_notification(&$user) {
// send a copy of password change notification to the admin
// but check to see if it’s the admin whose password we’re changing, and skip this
if ( 0 !== strcasecmp( $user->user_email, get_option( ‘admin_email’ ) ) ) {
$message = sprintf(__(‘Password Lost and Changed for user: %s’), $user->user_login) . “\r\n”;
// The blogname option is escaped with esc_html on the way into the database in sanitize_option
// we want to reverse this for the plain text arena of emails.
$blogname = wp_specialchars_decode(get_option(‘blogname’), ENT_QUOTES);
wp_mail(get_option(‘admin_email’), sprintf(__(‘[%s] Password Lost/Changed’), $blogname), $message);
}
}
endif;
Save.
Enjoy.
WPBeginner Support says
We strongly advise our users, to NEVER edit core WordPress files.
Admin
Alvaro says
NEVER, NEVER, NEVER edit WordPress core files.
Any change should be done through a plugin or a child theme.
Pam Blizzard says
Exactly what I wanted to know – and I thought putting a snippet in functions.php was the best way to go, but I’m so glad you mentioned that it wouldn’t work. THANK YOU!