Partners Support Log In
Martin Cogburn


    Back to Top

    Add Membership Login & Password Functions in WordPress

    About the Alternate Password Reminder Method

    Applies to: ONTRAPORT Plus and above.

    The default WordPress "Forgot Password?" process will work fine with an integrated site, but suffers from several issues:

    • The email is sent by WordPress, and is not branded
    • You do not retain a copy of it in ONTRAPORT
    • It is more complex, forcing your member to click a link, visit an unbranded page on the WordPress site, and enter a new password
    • The extra steps required can present challenges for less technical members

    This alternate password reminder system sends the member a fully branded email that includes their existing password. The email is tracked in ONTRAPORT, and you can see when it has been opened in the Contact Log.

    This method is easier to use for audiences with less technical backgrounds, and is appropriate in cases where higher security is not required. An example is a site for music lessons where the login is simply to control access to protected course material. You would not use this process for a site that contains any personally identifiable private information, such as repositories of contracts, sites where medical information is discussed in a forum, etc.

    Adding a Member Login Form to your WordPress Page or Post

    PilotPress includes an easy to use login form wizard to help you create a custom log in page.


    Make sure all the formatting icons are available in the Visual editor when editing a page or post, and click the Add Login Form icon. If you see only one row of icons click the Toggle Toolbar icon (shown in the top row "depressed").

    1. After clicking the Add Login Form icon, select the Customize It! button. You should remove the default WordPress "Forgotten Password" function.
    2. In the drop down under "Forgotten Password" select Off.

      Say no to suppress the default WordPress password reminder function
    3. You can use the rest of the options in this dialog to make the form match your branding, or click Add my form! to add the shortcode into the page editor.
    4. Verify that the shortcode has the word forgotpw='false' in it. If not, recreate the login form. You will be adding your own "Forgot Password?" link below this shortcode in the next section.

      the forgot password text appears in the shortcode

    Create a Password Reminder Form

    This alternative to the default "lost password" function in WordPress will send a custom password reminder email from your ONTRAPORT account, complete with all of your branding. It requires you to create a new login page on your WordPress site first. Then follow the instructions below for each membership website you have.

    1. Navigate to Campaigns > Forms and click the New Form button
    2. Select Create New on the ONTRAform icon
    3. Select the Start From Scratch template
    4. Name the form 'Password Reminder <Site Name>' and click Add Block
    5. Add a Smart Form block and click to edit the Form
    6. Delete all fields except for the Email field
    7. Make the Email field required
    8. Edit the Submit Button to say something like 'Get Password Reminder'
    9. Click the Form Settings icon in the Palette
    10. Set the Opt-in Settings to Single Opt-In
    11. Set the Send Contacts here: to Custom URL and enter the URL to your custom login page.

      WordPress login URL ni the Custom URL field
    12. Save the Form Settings at the bottom of this dialog (do not use the Manage Form Fills section as all other actions will be done on the Campaign).
    13. Click Done in the palette to return to the Blocks on This Page view
    14. Click the Publish button
    15. Select the Click to Pop Lightbox option and edit the link text to say Forgot Password?
    16. Click the Copy to Clipboard button to copy the form code to your clipboard

    Add the Password Reminder Form to WordPress

    1. In WordPress, open your custom login page for editing (or create a new one)
    2. Click the Text tab in the editor
    3. Paste the form code from step 3 into the page underneath the login form code
    4. Save the page

    Create a Password Reminder Campaign

    1. Navigate to Campaigns
    2. Create a new Campaign or open an existing one related to your membership build
    3. Add a new Trigger element

    4. Click the + Add Trigger button
    5. Select "Contact Submits a Form" for the Trigger. Use the dropdown to select the Smart Form you created for the website.

    6. Adjust the Settings.
    7. For Who can activate this trigger? select "Any Contact in account".
    8. In the If Contact is already on map, then ... drop down select "Add here again when triggered" (this setting leaves them where ever else they are on the Campaign Map; this is important if you are adding this password reminder path to an existing Campaign).
    9. Leave the checkbox unchecked for This trigger can only be activated once per Contact.
    10. Click Done in the Trigger settings panel
    11. Add a Condition element under the Trigger. Click +Add Condition and select "Field is this value"

      1. In the Select Field drop down drill down into Website Subscribers > [Site Name]and select the Status field.
      2. In the Select Condition drop down select "Not Equal To".
      3. Leave the Select Value drop down blank, indicating that the Status field must not be blank to proceed down the yes path of this condition.

    12. Add a Send an Email element under the "Yes" path of the Condition.
    13. Create the email message to send the current password.

      1. Use the merge field for the site's Password and compose the text of the email.
      2. Optional: Insert the merge field for the site's Username and hyperlink the URL where members can log in. This is less secure than sending only the password, as anyone intercepting the email then knows the exact URL and full log in details.
      3. Click Settings and enter subject line, send from, and reply to details, and compose the entire email.
      4. Click the "Copy from HTML" button to create a plain text version of the email.
      5. Save the email.

    14. You will be returned to the Campaign map.
    15. Add an End element under the email element. Do not check the Remove Contacts from this Campaign when they reach here checkbox.
    16. Add an email element under the No path of the Condition and create a new email for "No status".
    17. Compose your email to tell the user that they are not a member of the website, and cannot receive a password. If you have a paid membership site you can include a link to the sales page for the site.
    18. If you have a free membership site you can alternately use a "Give WP Membership Access" element in the No path and add an Email element under it to send the new user their login credentials.
    19. Add an End element under the last element in the No path of the Condition. Do not check the Remove Contacts from this Campaign when they reach here checkbox.
    20. The complete lost password campaign path for this membership site looks like the image below. Repeat these steps starting from step 3 for each additional membership website.

    How This Works

    Now when your client clicks the Forgot Password? link the ONTRAform will pop up. The Contact fills in their email address and is subscribed to the Password Reminder Campaign.

    The Trigger on the Campaign is set to always add the Contact to this campaign path, even if they are already on the map elsewhere; this allows you to add this campaign path to your Membership Campaign map. The Condition checks to see if they really are a member, and allows you to tailor your response to them.

    WordPress Integration Resources

    Articles in this section

    Created - Updated
    Have more questions? Submit a request


    • Avatar
      Permanently deleted user

      I like doing stuff on OP, but if the theme receives an update, I have to do the whole thing again.

      So I use a free WP plugin called Theme My Login instead (I'm not affiliated with them, plus it's free - )

      It allows me to place the login onto any regular page or a widget. It also allows me to handle redirects after logging in, lost password users, block out the users that are using a brute-force attack, place CAPTCHAs if I want them and much more. Been using it for years =)

    • Avatar
      Jeffrey Orig

      Why isn't this just a simple copy and paste thing? Why do we have to build this from scratch?