Until now, nothing of the backend has changed and everything should \nbe backwards compatible.<\/p>"},"ratings":{"1":1,"2":0,"3":0,"4":0,"5":14},"assets_icons":[],"assets_banners":[],"assets_blueprints":{},"all_blocks":[],"tagged_versions":["1.07","1.10.1","1.11.0","1.11.1","1.11.2","1.11.3","1.12.0"],"block_files":[],"assets_screenshots":{"screenshot-1.png":{"filename":"screenshot-1.png","revision":1355017,"resolution":"1","location":"assets","locale":""},"screenshot-2.png":{"filename":"screenshot-2.png","revision":1355017,"resolution":"2","location":"assets","locale":""}},"screenshots":{"1":"The profile element, allowing administrators to create autologin links for\nusers on their profile page. Codes are generated automatically for sercurity\nreasons.","2":"The administrator UI allowing administrators to generate autologin links\nthat redirect visitors to specific pages of a website. The screenshot\nshows the menu together with the popup window that allows copying of the\nredirect link."},"jetpack_post_was_ever_published":false},"plugin_section":[],"plugin_tags":[754,608,537,175,602],"plugin_category":[38],"plugin_contributors":[82807],"plugin_business_model":[],"class_list":["post-16588","plugin","type-plugin","status-publish","hentry","plugin_tags-auto","plugin_tags-automatic","plugin_tags-link","plugin_tags-links","plugin_tags-login","plugin_category-authentication","plugin_contributors-wpautologin","plugin_committers-wpautologin"],"banners":[],"icons":{"svg":false,"icon":"https:\/\/s.w.org\/plugins\/geopattern-icon\/autologin-links.svg","icon_2x":false,"generated":true},"screenshots":[{"src":"https:\/\/ps.w.org\/autologin-links\/assets\/screenshot-1.png?rev=1355017","caption":"The profile element, allowing administrators to create autologin links for\nusers on their profile page. Codes are generated automatically for sercurity\nreasons."},{"src":"https:\/\/ps.w.org\/autologin-links\/assets\/screenshot-2.png?rev=1355017","caption":"The administrator UI allowing administrators to generate autologin links\nthat redirect visitors to specific pages of a website. The screenshot\nshows the menu together with the popup window that allows copying of the\nredirect link."}],"raw_content":"\n
This plugin allows admininstators to generate autologin links for their \nWordPress website, logging in visitors under a certain user name. Administrators\ncan edit (generate and delete) autologin links for users, users can only view\ntheir autologin links. Note that This plugin bypasses the standard \nauthentication method of wordpress via login and password and should only be \nused if you understand the security issues mentioned below and on the \nplugin website<\/a>.<\/strong><\/p>\n\n Usage<\/strong><\/p>\n\n Once this plugin is activated, administrators can generate autologin links on \nthe edit profile administration pages for different users. Users can view their\nautlogin links on their profile pages. Autologin links are of the form:<\/p>\n\n http:\/\/yourwebsite\/[subdirectory\/]?autologin_code=ABC123<\/p>\n\n For more convenience it is possible since version 1.05 to generate login links\ndirectly using the wordpress, site-preview functionality. When viewing the page\nwhile being logged in as an administrator, the top-bar will show an extra item\n\"Auto-login link\". When pointing at the menu item, a dropdown list will list\nall users for whom autologin links were generated on their profile pages. When\nclicking on one of the users, a popup will open showing the link that will \nautomatically login a visitor as the selected user and bring him to the\ncurrent page.<\/p>\n\n Security issues<\/strong><\/p>\n\n Since autologin links are meant to be an OPEN way to login to \nyour website and can be viewed by users on their profile, it might be considered\nan INSECURE plugin for WordPress. I did my best to make it as secure as possible\nto fit my own needs, but this lead to some design choices which might not sit \nwell with all administrators:<\/p>\n\n Autologin codes are saved as plain text.<\/strong> This means that anyone who can \nexecute queries on the WordPress database (plugins, administrators, system\nadministrators) can obtain the autologin code for a certain user. I planned an\nextension of this plugin where login codes are hashed. However, this again has \nthe disadvantage that noone can redisplay a once generated login link.<\/p>\n\n This is the most severe problem. For a full self-assesment of possible security\nissues regarding this problem, please visit the \nplugin website<\/a>.<\/p>\n\n\n