How to Disable or Lock a User Account in WordPress with User Locker
Recently while working on a client’s site, we had to disable a user account in WordPress. Basically, some of their writers were no longer with the company. They did not want to delete the user because it would require re-assigning the posts to another user. Doing that would basically strip away the original author’s credit and assign it to someone else which is obviously not fair. We are certain that bloggers who give access to one-time guest authors sometimes run into the same issue. So how should you deal with this situation? In this article, we will show you how to disable or lock a user account in WordPress with User Locker.
Install and activate plugin, go to Users page, select users you want to lock/unlock and then select the action from Bulk Actions drop down.
It has feature to add custom lock message to show on login screen for locked account. You can add your custom locked account message by going Settings and then click on General, there you can enter the message in field has label as Locked User Message.
How to disable WordPress user accounts
We had a similar issue with one of our tourism websites and to solve the issue, I changed the authors password and changed their email so that I received their emails. As such, they can not reset their password as the email goes to an email address that will be filtered into the default email account and received by me. They also can not login.
My concern was that if their account was locked, preventing login, their email address is still the same. They might receive notifications from the website and they can still change their gravatar image to something very unflattering. I much preferred the idea of changing all their data except their name.
As a precautionary note, it is worth pointing out that you should have admins sign a contract so that you own a license for the articles they submit otherwise they can request it is removed as they technically own the content.
How to disable or Lock down WordPress user account after Invalid Login attempts?
WordPress is the one most popular community driven CMS with thousands of plugins and themes available to transform your website into anything that you can imagine. As told by our Author Ramya Santhosh, because of its huge popularity, the need to secure WordPress website has become highly important. To remind, more than 90 thousand WordPress powered websites has been hacked at the end of April 2013. With these stats in mind, every WordPress administrator should take necessary care in managing their user accounts.
UNIX / Linux : How to lock or disable an user account
The commands passwd -l and usermod -L are ineffcient when it comes to disable/lock user accounts. These commands will not disallow authentication by SSH public keys (or other PAM modules other than pam_unix that may be enabled). Additionally, changing the shell to /bin/false or /sbin/nologin is unsatisfactory to us since this only affects interactive logins. So to completely disable user accounts you can user the command chage -E0. For example :